Imagine you’re in front of an ATM and the next person in line peers over your shoulder while you enter your credit card’s PIN number on the keypad. That wouldn’t feel right, would it?
Keyloggers practically does the same, except data theft does not take place over your shoulder. But it is collecting it from underneath the keypad. This highly specialized surveillance software allows an attacker to log keystokes, mouse movements and virtual on-screen key presses inside browsers or applications. Keyloggers come in both software and hardware versions (physical devices that sit between the computer and the keyboard). Albeit the former are the most widely spread.
While allowing normal operation of the infected computers, they monitor, log and send each keystroke to a remote location. Either using e-mail or FTP services. Some keyloggers are sold as legit, commercial software designed to monitor children’s online activity. Most of these apps are used for malicious purposes, such as stealing login credentials, spying on users’ activity or intercepting banking information.
Modern keyloggers are extremely sophisticated. They can only monitor activity within specific applications or web pages to keep the size of log files to a minimum. For instance, they can record only information passed to specific forms belonging to specific URLs (the primary targets are online stores, e-banking services or e-mail service providers).
In brief, there are plenty of reasons to use a keylogger, most of them bad. In fact keyloggers are mainly abusively used by jealous spouses. Or come bundled with Trojans to steal login credentials. Sometimes, keyloggers are used legally, by parents to monitor how their children use the family computer. Surprisingly even companies attempting to discourage employees from using the company computers for personal purposes.
A system monitored by a keylogger – be it software or hardware-based – intercepts everything you type and clusters the information by application. Occasionally, the keylogger takes screenshots which are stored along with the text in a local database. Keyloggers is using this technique to re-compose passwords entered via on-screen keyboards. An anti-keylogging feature used mostly by e-banking platforms. From time to time, the database is senting it to the person that controls the keylogger.
Keyloggers are extremely difficult to detect, especially on computers you don’t own or manage. Like those in coffee shops, public libraries or hotel lobbies. This is why you should avoid as much as possible logging into your accounts on public computers.
On your home PC, make sure to have an antimalware solution such as Bitdefender Internet Security installed and up-to-date. An antimalware solution automatically scans your computer and takes appropriate action when keyloggers are found.
Contact us now to book a short meeting at 087 809 3516 or complete the form below. We can assist you with all your IT needs.