Federal court halts sale of a commercial keylogger

Yesterday, the US District Court for the Middle District of Florida placed a temporary restraining order on CyberSpy Software's RemoteSpy keylogger, acting on a complaint from the Federal Trade Commission.

The FTC's complaint (PDF available here) says CyberSpy violated the Federal Trade Commission Act for improperly advertising a product that is both deployed and installed without consent from a computer's owner with the express purpose of collecting and disclosing the personal information of unsuspecting victims.

The FTC was alerted to the software by a complaint filed by the Electronic Privacy Information Center (EPIC)

RemoteSpy, like other keylogging software, would run in the background without showing up in the task manager, process window, or add/remove software function, recording all keystrokes, IM conversations, and URLs visited by a user, and taking screenshots at varying intervals.

In addition to halting the sales of CyberSpy, the FTC demanded the company disconnect its servers that are used to collect, store, or provide access to logged keystrokes.