Court Halts Marketing and Use of Stealth Keylogger Program

A federal judge has temporarily stopped the marketing and use of a spyware program that tracks computer keystrokes of its unsuspecting victims.

The Federal Trade Commission (FTC) obtained a temporary restraining order (TRO) stopping CyberSpy Software, LLC from marketing, selling, and allowing access to information gained from its RemoteSpy program.

In a complaint, the FTC stated that the RemoteSpy program can be installed remotely and secretly. “The software has a function that records every keystroke typed on a computer (a ‘keylogger’) as well as other computer activities,” the complaint states. After the program is installed, it sends information every 10 minutes to a CyberSpy server, where the party who installed the program can view a detailed log of the victim’s computer activity, including usernames and passwords. The FTC said that once the program is installed it cannot be readily located or uninstalled by consumers.

In the TRO, the court found the “sale and operation of RemoteSpy is likely to cause substantial harm to consumers that cannot be reasonably avoided and is not outweighed by countervailing benefits to consumers or to competition. The likely harm includes financial harm (including identity theft) and endangering the health and safety of consumers.”

The TRO prohibits CyberSpy from promoting, selling or distributing the software program. It also requires the company to take down its website and “take whatever steps may be necessary to ensure that any information collected from consumers’ computers by RemoteSpy cannot be accessed by the public.”

Federal Trade Commission v. CyberSpy Software, LLC and Tracer R. Spence, U.S. Dist. Court, Middle District of Florida, Orlando Division, No. 08 CV 1872.