fortypoundhead.com

What the heck is a Keylogger?

Posted On 2010-10-06 by FortyPoundHead
Keywords:
Tags: Security Tip Tutorial 
Views: 1632


A keylogger is a program that runs in your computerís background secretly recording all your keystrokes. Once your keystrokes are logged, they are hidden away for later retrieval by the attacker. The attacker then carefully reviews the information in hopes of finding passwords or other information that would prove useful to them.

For example, a keylogger can easily obtain confidential emails and reveal them to any interested outside party willing to pay for the information.

Keyloggers can be either software or hardware based. Software-based keyloggers are easy to distribute and infect, but at the same time are more easily detectable. Hardware-based keyloggers are more complex and harder to detect. For all that you know, your keyboard could have a keylogger chip attached and anything being typed is recorded into a flash memory sitting inside your keyboard. Keyloggers have become one of the most powerful applications used for gathering information in a world where encrypted traffic is becoming more and more common.

As keyloggers become more advanced, the ability to detect them becomes more difficult. They can violate a userís privacy for months, or even years, without being noticed. During that time frame, a keylogger can collect a lot of information about the user it is monitoring. A keylogger can potential obtain not only passwords and log-in names, but credit card numbers, bank account details, contacts, interests, web browsing habits, and much more. All this collected information can be used to steal userís personal documents, money, or even their identity.

A keylogger might be as simple as an .exe and a .dll that is placed in a computer and activated upon boot up via an entry in the registry. Or, the more sophisticated keyloggers, such as the Perfect Keylogger or ProBot Activity Monitor have developed a full line of nasty abilities including:

  • Undetectable in the process list and invisible in operation
  • A kernel keylogger driver that captures keystrokes even when the user is logged off
  • A remote deployment wizard
  • The ability to create text snapshots of active applications
  • The ability to capture http post data (including log-ins/passwords)
  • The ability to timestamp record workstation usage
  • HTML and text log file export
  • Automatic e-mail log file delivery


All keyloggers are not used for illegal purposes. A variety of other uses have surfaced. Keyloggers have been used to monitor web sites visited as a means of parental control over children. They have been actively used to prevent child pornography and avoid children coming in contact with dangerous elements on the web. Additionally, in December, 2001, a federal court ruled that the FBI did not need a special wiretap order to place a keystroke logging device on a suspectís computer. The judge allowed the FBI to keep details of its key logging device secret (citing national security concerns). The defendant in the case, Nicodemo Scarfo Jr., indicted for gambling and loan-sharking, used encryption to protect a file on his computer. The FBI used the keystroke logging device to capture Scarfoís password and gain access to the needed file.


About the Author

FortyPoundHead has posted a total of 1974 articles.

 


Comments On This Post

No comments on this post yet!


Do you have a thought relating to this post? You can post your comment here. If you have an unrelated question, you can use the Q&A section to ask it.

Or you can drop a note to the administrators if you're not sure where you should post.


Your IP address is:54.198.108.19

Before you can post, you need to prove you are human. If you log in, this test goes away.




Recent Forum Posts

VBScript Formatting String Text
Williamhawk posted on November 21, 2017 at about 2:54 in VBScript

Is There a Media Player for Linux Which Can Play
Williamhawk posted on November 21, 2017 at about 2:50 in Linux Help

Advanced search added
dwirch posted on September 23, 2017 at about 13:44 in Site News

Job Spammer: Gaurav Mehta - AgreeYa Solutions
dwirch posted on September 22, 2017 at about 10:35 in Spammers

Job Spammer: Prutha Siri - Javelin Systems
dwirch posted on September 10, 2017 at about 6:15 in Spammers

New security implemented
dwirch posted on September 7, 2017 at about 7:16 in Site News