A key logger, or keystroke logger, is a piece or hardware of software which records user keystrokes. They can be used for legitimate purposes such as checking a minor child’s Internet and email use or for illegal tasks such as stealing email and bank account login and password data. Keyboard loggers use keylogging technology to record keys that are typed on a computer keyboard, and even take screen shots of the computer when in use.
Hardware Key Loggers
A hardware key logger is a small piece of hardware which is usually inserted between the keyboard port and the keyboard. The hardware key logger then records all user keystrokes to it’s internal memory. These devices have memory capacities between 8Kb and 2MB.
Because these devices can be spotted by an alert user, manufacturers now offer hardware key loggers which are disguised as baluns and also complete keyboards with hardware key loggers built-in.
Software Key Loggers
A software key logger can save the expense of purchasing a hardware key logger. In addition, if you can exploit a software vulnerability, a configuration error, or user gullability, you can install a software key logger remotely.
A good software key logger should use very little memory and very few CPU cycles, so as not to attract attention to itself. A good key logger should also hide itself from the Task List and from the Uninstall List. A good key logger should be invisible to the person being monitored. A better key logger will support remote installation and the ability to remotely retrieve keystroke logs. A better key logger should also be able to log only user-defined types of data, such as usernames and passwords.
Many software keystroke loggers are integrated with other surreptitious recording software, such as screen capture software, remote control software, or audio and video recorders.
A few free key loggers are:
How Are KeyLoggers Installed?
When a keyboard logger is installed for malicious reasons, it is normally as a payload of a Trojan virus deployed through a malicious website or infected computer file. Common deployment techniques include infecting a multimedia file such as a song or movie with a Trojan Downloader virus that then infects the targeted computer. The Trojan then downloads a keyboard logger and other computer malware to communicate with the hacker via report FTP or email. A hardware-based logger has to be physically installed on the computer. Newer hardware loggers no longer have to be placed between the keyboard and the monitor depending on the associated software package included with it.
What Are the Dangers of KeyLoggers?
Keyboard loggers pose a number of dangers to computer users. First, it can result in a significant loss of privacy as it can steal the password for online email, banking, Facebook, and MySpace accounts being opened. Second, it can enable rogue actors by allowing them to setup fake accounts in the person’s name whose email and bank accounts were compromised, ultimately resulting in loss of money. Thirdly, users can experience a direct loss of money if they log into bank accounts while a logger program is installed on their computer, as the person receiving the information can remove funds directly from their accounts.
How Do You Detect a KeyLoggers?
Depending on the nature of the keyboard logger, it can be difficult to detect and remove the application. Many loggers are designed to be installed at the Operating System (OS) kernel-level as a rootkit, which gives them access to all information typed on a computer’s keyboard. The primary means of detection is to keep a commercial anti-virus program active and updated on the computer. To help guard against keyboard loggers that the anti-virus cannot detect, keep a sharp eye on email and bank account information. Both can indicate whether your accounts have been hacked as you will notice unexplained transactions or get confirmation emails for services that you have not ordered.