I know something about screen grabbing software since cyber security is what I do and I've used them extensively. Screen grabbers are not at all uncommon, though the article is probably wrong about Microsoft being the culprit. It's right about a certain federal agency that I won't be naming, though.
Cracking a target's computer and installing nefarious software isn't hard. The way it works is that you first entice the target to access something that you control - a photo you've posted, or a BBS, for instance. In either case, you monitor the access and record the user's IP address. You then use nmap to do a port scan on the target's computer. Computers normally have open ports that are used by installed software. The ports will often tell you what software, or at least software possibilities, are on the computer. You then run another tool to sync the open ports and hopefully obtain software details - protocols, services and (the holy grail) the software version. Then you check the internet for known bugs in the software. In many cases, the bugs can be exploited to give direct or indirect access to the target's system in which case you can install whatever you want.
If this seems like a lot of work, it's not. I like Core Impact for penetration tests. It's pricey - about $65,000 - but it does most of the above automatically. I can breach most people's systems in only a few minutes if their system is on when I scan it. All it takes is a target who's naive enough to give me their ip address, and a bug that the user is unaware of or hasn't yet patched. That's not asking much. Let's face it: Most of us don't think about applying patches to the applications we use. But we HAVE to. They're just as important as the operating system patches. I do full patching (not just the Microsoft stuff) of my computers twice a week.
BTW, there's also another approach. If you don't have a particular person in mind but DO have awareness of a serious bug, you can scan the entire internet for occurrences of that deficiency in just a little over a month. How mind boggling is that?
Properly implemented firewalls will prevent this, of course, but home users hardly ever understand their firewalls well enough to keep a determined intruder out.
| 
