Blocking Spyware with Ghostpad

Ghostpad is a javascript based graphical keyword which is aimed at mitigating password stealing spyware. Most spyware programs monitor a victim's key strokes and can even detect specific applications which are being used at that instant by the victim. Thus, a malicious individual could easliy siphon out money or other secrets you may have stored on online websites by installing a key stroke monitoring spyware / malaware which secretly records your online banking, email etc passwords.

There are have been recent advancements made to mitigate spyware attacks by using "virtual keyboards", which are operated by mouse clicks rather than key strokes. Thus making it difficult for spyware to capture login credentials. Though difficult to beat, more advanced spyware packages could use a combination of mouse click monitoring and take screenshots to infer which keys are being pressed. Ghostpad takes this protection to the next level by using the mouse hover time to simulate actual key strokes. This is interesting, because as there are no mouse clicks, the spyware cannot really monitor anything. Cool!

A demo of the script is available here and if you are a website owner you may want to read this on how to integrate Ghostpad on your website. For most part, the script can be freely used but for extra services you need to pay. Below is a demo video of Ghostpad which was referred to us by GrantMVP. You can reach him directly at grantmvp37 [-] aim.com .

Tags: spyware blockers, password protection, anti-spyware, spyware




 

We hate these ADs as much as you do! Help us stay FREE and CLEAN by making a Generous Donation!

Vivek Ramachandran is a security evangelist and has been working in computer security related fields for the past 7 years. In 2007, Vivek spoke at world renowned conferences Defcon (WEP Cloaking Exposed) and Toorcon (The Caffe Latte Attack). The discovery of the Caffe Latte Attack was covered by CBS5 news, BBC online, Network World etc news agencies.In 2006, Vivek was announced as one of winners of the Microsoft Security Shootout contest held in India among 65,000 participants. He has also been a recipient of a Team Achievement at Cisco Systems for his work on 802.1x and Port Security modules on the Catalyst 6500 switches. Currently he spends all of his time maintaining Security- Freak.Net , SecurityTube.Net and is the co-founder of Axonize. Vivek, is a Bachelor in Electronics and Communications Engineering from the prestigious Indian Institute of Technology, Guwahati.You can contact him at vivek[at]securitytube.net