Drive-by spyware which, well, spies on you
CoolWebSearch (CWS) is an interesting advertising company. What sets it apart from your run-of-the-mill advertising company is that it specifically uses browser vulnerabilities (mainly Internet Explorer) to install its spyware/adware as the user browses one of its numerous affiliate sites. No user interaction whatsoever. This type of activity has been dubbed in the industry as ‘drive-by installation’.
It appears that an invisible boundary has been crossed now with a
CWS variant that specifically collects keyboard strokes and potentially other information and posts it on an Internet server.
Check out Sunbelt Software blog and remember: This is just a blog and the alleged research results of a single person. Don’t jump to conclusions – not just yet.