Software that secretly records keystrokes on a PC has been banned in the US following a complaint by the Federal Trade Commission (FTC).
CyberSpy Software has sold the RemoteSpy program since August 2005, according to the FTC's complaint filed in a US court. The court issued a temporary restraining order halting CyberSpy's sales and also ordered the company to disconnect servers that were recording sensitive personal information for RemoteSpy customers.
RemoteSpy is just one of dozens of software programs sold on the internet that cross ethical and legal boundaries. Over the last few years, the FTC has taken steps to crack down on companies selling hard-to-remove advertising software and other deceptive or harmful applications.
The FTC's complaint said CyberSpy violated regulations prohibiting the installation of software without the consent of a user and surreptitiously collecting personal data. The FTC is seeking a permanent ban on the sale of RemoteSpy and wants the company to forfeit its gains from sales of the program.
RemoteSpy was advertised as being undetectable by antivirus software and was sold using the slogan 'Spy on Anyone. From Anywhere'. The company's website was down as of Tuesday, but Google's cache of its home page showed the program sold for $89.95 (£60) with free technical support.
CyberSpy Software gave its customers special instructions on how to email the program to an intended victim, disguising it as a harmless photo file.
Features included a "configuration wizard, a user tutorial and step-by-step instructions, including screenshots and examples of how to disguise the appearance of the executable as an innocuous-looking file attachment," said the FTC.
Once running, RemoteSpy would record all keystrokes, including passwords, and take snapshots of a person's screen every five minutes. It could also log instant message conversations as well as websites a person visited.
The information would be sent every 10 minutes to a server owned by CyberSpy, the complaint said. Purchasers of the RemoteSpy could then login through a web-based interface to retrieve the details.
CyberSpy also contended that when RemoteSpy is running, it will not show up in the task manager, processes window or the add or remove software function on Windows PCs. It also supposedly has a cloaking ability, where it can move around on the PC's hard disk to avoid detection.
The FTC took action after a complaint about RemoteSpy was filed in March by the Electronic Privacy Information Center, a US-based civil liberties advocacy group.