Imagine you’re in front of an ATM and the next person in line peers over your shoulder while you enter your credit card’s PIN number on the keypad. That wouldn’t feel right, would it?
Key-loggers practically does the same, except data theft does not take place over your shoulder. But it is collecting it from underneath the keypad. This highly specialized surveillance software allows an attacker to log keystrokes, mouse movements and virtual on-screen key presses inside browsers or applications. Key-loggers come in both software and hardware versions (physical devices that sit between the computer and the keyboard). Albeit the former are the most widely spread.
While allowing normal operation of the infected computers, they monitor, log and send each keystroke to a remote location. Either using e-mail or FTP services. Some key-loggers are sold as legit, commercial software designed to monitor children’s online activity. Most of these apps are used for malicious purposes, such as stealing login credentials, spying on users’ activity or intercepting banking information.
Modern key-loggers are extremely sophisticated. They can only monitor activity within specific applications or web pages to keep the size of log files to a minimum. For instance, they can record only information passed to specific forms belonging to specific URLs (the primary targets are online stores, e-banking services or e-mail service providers).
In brief, there are plenty of reasons to use a key-logger, most of them bad. In fact key-loggers are mainly abusively used by jealous spouses. Or come bundled with Trojans to steal login credentials. Sometimes, key-loggers are used legally, by parents to monitor how their children use the family computer. Surprisingly even companies attempting to discourage employees from using the company computers for personal purposes.
A system monitored by a key-logger – be it software or hardware-based – intercepts everything you type and clusters the information by application. Occasionally, the key-logger takes screenshots which are stored along with the text in a local database. Key-loggers is using this technique to re-compose passwords entered via on-screen keyboards. An anti-key-logging feature used mostly by e-banking platforms. From time to time, the database is sending it to the person that controls the key-logger.
Key-loggers are extremely difficult to detect, especially on computers you don’t own or manage. Like those in coffee shops, public libraries or hotel lobbies. This is why you should avoid as much as possible logging into your accounts on public computers.
On your home PC, make sure to have an anti-malware solution such as Bitdefender Internet Security installed and up-to-date. An anti-malware solution automatically scans your computer and takes appropriate action when key-loggers are found.
Contact us now to book a short meeting at 087 809 3516 or complete the form below. We can assist you with all your IT needs.