superantispyware

Super Antispyware is one of the utility tools I use for our XP computers at home. From time to time I use these machines for blogging and accessing our cloud servers. I enjoyed using this tool because I use it for free and it’s quite reliable when it comes to checking for spyware.

Evilgrade is a hacking tool that is used for Man In The Middle (MITM) attacks. To prevent the machines at home from being exploited, I checked where the updates are coming from. This is also a way to evaluate the ISP that we have and whether I can rely on it when it comes to security, though from personal checking of the network it’s vulnerable to such attacks. Here is how I checked the Super Antispyware update connection in Windows XP; the same steps can also be used in any Windows OS:

  • The image below shows what a MITM attack would look like in a network:

    Main_the_middle

    image from owasp.org

  • To prevent such attacks, open the command prompt and type the command
    netstat

    windows netstat

    The image shows the computer’s current connection, which is Yahoo. My sister is using Yahoo (I don’t recommend using it) for her emails.

  • After checking the connections I started the super antispyware update.

    super antispyware update

  • While the update is at work, check the network connection again using the same command: netstat

    netstat while update

  • After seeing the update’s connection I can say that the update was legit. If you see a private address or connections not from superantispyware, capture the current connection using “print screen” and cancel the update. Report this attack to your ISP.
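The before/during comparison from the steps above, as an added example that is not part of the original post: a Python script that diffs two `netstat -n` snapshots and labels each connection that appeared during the update. The sample output, the addresses and the set of expected update-server IPs are constructed assumptions; `-n` is used so that netstat prints numeric addresses instead of host names.

```python
import ipaddress
import re

# Constructed `netstat -n` output, not captured from a real machine.
# Public-looking addresses come from the documentation ranges.
BEFORE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    192.168.1.10:1042      198.51.100.20:80       ESTABLISHED
"""
DURING = BEFORE + """\
  TCP    192.168.1.10:1050      203.0.113.7:80         ESTABLISHED
  TCP    192.168.1.10:1051      192.168.1.66:80        ESTABLISHED
  TCP    192.168.1.10:1052      198.51.100.99:80       ESTABLISHED
"""

# Matches IPv4 TCP rows only: proto, local address, foreign ip:port, state.
ROW = re.compile(r"^\s*TCP\s+\S+\s+(\d+\.\d+\.\d+\.\d+):(\d+)\s+(\S+)")
# RFC 1918, loopback and link-local ranges: never a vendor update server.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

def remote_endpoints(text):
    """Return the set of (remote_ip, remote_port) pairs in a snapshot."""
    found = set()
    for line in text.splitlines():
        m = ROW.match(line)
        if m and m.group(3) != "LISTENING":
            found.add((m.group(1), int(m.group(2))))
    return found

def review_update(before, during, expected_ips):
    """Label every endpoint that appeared only while the update ran."""
    findings = []
    for ip, port in sorted(remote_endpoints(during) - remote_endpoints(before)):
        if any(ipaddress.ip_address(ip) in net for net in LOCAL_NETS):
            verdict = "private address"
        elif ip not in expected_ips:
            verdict = "unexpected host"
        else:
            verdict = "expected"
        findings.append((ip, port, verdict))
    return findings

if __name__ == "__main__":
    # expected_ips is an assumption: addresses you have confirmed yourself.
    for ip, port, verdict in review_update(BEFORE, DURING, {"203.0.113.7"}):
        print(f"{ip}:{port}  {verdict}")
```

To use it on real data, save `netstat -n` output to a file before and during the update and pass the two texts in place of the constructed samples.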

I hope this post can keep the super antispyware users from any MITM attacks. Stay safe!