Thursday, 9 July 2020

Beware Of The Keylogger

Any legitimate keylogging program can still be used with malicious or criminal intent

The next time you use a public computer or a computer other than you own to access bank accounts and other sensitive and personal information. beware. A little known but available everywhere device or software, can easily record every stroke you type on the keyboard, making it cakewalk to hack an account.

4017366_f520So, what the heck is a keylogger?

A keylogger, also known as keystroke logger or system monitor, is a hardware device or small program that monitors each keystroke a user types on a specific computer’s keyboard.

Keyloggers can be divided into two categories, keylogging devices and keylogging software. The former can easily be spotted as it requires a physical connection, usually between the keyboard cable and the motherboard on desktop computers. The latter, is virtually impossible to detect, as the software records away virtually undetected.

- paying the bills -

What a keylogger does?

  • Logs each keystroke a user types on a computer’s keyboard
  • Takes screenshots of user activity at predetermined time intervals or when a user types a character or clicks a mouse button.
  • Tracks user activity by logging window titles, names of launched applications, exact time of certain event occurrence and other specific information
  • Monitors online activity by recording addresses of visited websites, taken actions, entered keywords and other similar data
  • Records login names, details of various accounts, credit card numbers and passwords including those hidden by asterisks or blank space
  • Capture online chat conversation made in popular chat programs or instant messengers
  • Makes unauthorized copies of outgoing and incoming e-mail messages
  • Saves all collected information into a file on a hard disk, and then silently sends this file to a configurable e-mail address uploads it to a predefined FTP server or transfers it through a background Internet connection to a remote host. Gathered data can be encrypted.
  •  Complicates its detection and removal by hiding active processes and concealing installed files. The uninstaller, if it exists, usually refuses to work if a user cannot specify a password.

Appropriate usage of keyloggers

Developers and vendors offer a long list of cases in which it would be legal and appropriate to use keyloggers, including;

  • Parental control: parents can track what their children do on the Internet, and can opt to be notified if there are any attempts to access websites containing adult or otherwise inappropriate content;keylogg
  • Jealous spouses or partners can use keylogger to track the actions of their better half on the Internet if the suspect them of “virtual cheating”;
  • Company security: tracking the use of computer for non-work-related purposes, or the use of workstations after hours;
  • Company security: using keyloggers to track the input of keywords and phrases associated with commercial information which could damage the company (materially or otherwise) if disclosed;
  • Other security (e.g. law enforcement): using keylogger records to analyze and track incidents linked to the use of personal computers;

However, the justifications listed above are more subjective than objective; the situations can all be resolved using other methods. Additionally, any legitimate keylogging program can still be used with malicious or criminal intent.

Today, keyloggers are mainly used to steal user data relating to various online payment systems, and virus writers are constantly writing new keylogger Trojans for this very purpose.

- paying the bills -

Types of hardware keyloggers
They can be implemented via BIOS-level firmware, or alternatively, via a device plugged inline between a computer keyboard and a computer. They log all keyboard activity to their internal memory.

A hardware keylogger has an advantage over a software solution; because it is not dependent on the computer’s operating system it will not interfere with any program running on the target machine and hence cannot be detected by any software.

A hardware keylogger is typically designed to have an innocuous appearance that blends in with the rest of the cabling or hardware, such as appearing to be an EMC Balun. They can also be installed inside a keyboard itself (as a circuit attachment or modification), or the keyboard could be manufactured with this “feature”. They are designed to work with legacy PS/2 keyboards, or more recently, with USB keyboards. Some variants, known as wireless hardware keyloggers, have the ability to be controlled and monitored remotely by means of a wireless communication standard.

The main risk associated with a hardware keylogger use is that physical access is needed twice: initially to install the keylogger, and secondly to retrieve it. Thus, if the victim discovers the keylogger, they can then set up a sting operation to catch the person in the act of retrieving it. This could include camera surveillance or the review of access card swipe records to determine who gained physical access to the area during the time period that the keylogger was removed.

Keylogger-hardware-PS2-example-connected.jpgWireless Keylogger sniffers – Collect packets of data being transferred from a wireless keyboard and its receiver and then attempt to crack the encryption key being used to secure wireless communications between the two devices.

Firmware – A computer’s BIOS, which is typically responsible for handling keyboard events, can be reprogrammed so that it records keystrokes as it processes them.

- paying the bills --

Keyboard overlays – a bogus keypad is placed over the real one so that any keys pressed are registered by both the eavesdropping device as well as the legitimate one that the customer is using.[1]

Denial of physical access to sensitive computers, e.g. by locking the server room, is the most effective means of preventing hardware keylogger installation.

Visual inspection is the easiest way of detecting hardware keyloggers. But there are also some techniques that can be used for most hardware keyloggers on the market, to detect them via software. In cases in which the computer case is hidden from view (e.g. at some public access kiosks where the case is in a locked box and only a monitor, keyboard, and mouse are exposed to view) and the user has no possibility to run software checks.

One method a user might thwart a keylogger when using a public or unknown computer is by typing part of a password, using the mouse to move to a text editor or other window, typing some garbage text, mousing back to the password window, typing the next part of the password, etc. so that the keylogger will record an unintelligible mix of garbage and password text.

"Rico" is the crazy mind behind the Q media websites, a series of online magazines where everything is Q! In these times of new normal, stay at home. Stay safe. Stay healthy.

Related Articles

[BLOG] Costa Rican Electric Company – General Maintenance Procedures

During my fifteen plus years of living in Costa Rica, I...

Heliport, Money and Weapons in Costa Rica

Following reports by residents of Las Asturias de Pococí about flyovers...


Health admits community transmission in the Greater Metropolitan Area

(QCOSTARICA) The explosion of COVID-19 infections forced in the last couple of weeks, in particular, the last two days with 294 new cases on...

Reviving U.S. tourism in Costa Rica, a 4-point solution

RICO'S DIGEST - Costa Rica's main source of tourists is being left high and dry in the coronavirus era as Americans are being banned...

Road paving in Costa Rica

Auditor's report: road asphalt deteriorates in 90 days of paving.

‘Post mortem’ test confirms victim 19 of new coronavirus in Costa Rica

(QCOSTARICA) Costa Rica recorded on Saturday night death number 19 of a positive COVID-19 person, reported the Ministry of Health. This is a male, young...

My continuing saga with the AyA…

Rico's DIGEST - In May I wrote about my outrageous water bill, a whopping ¢34,000 colones when my average monthly usage/billing for the 12...

The iPhone 12 arrives in September but without headphones or charger

(QCOSTARICA) Apple's new flagship, the Phone 12, is expected to arrive in September as usual, despite the Covid-19 pandemic. But it will not include EarPods...

Let's Keep This Going!

To be updated with all the latest news and information about Costa Rica and Latin America.