Keyloggers can be hardware or software used for legitimate purposes like troubleshooting or illegitimate purposes like spying. Hardware keyloggers are easy to spot but require physical access, while software keyloggers can be installed remotely and bypass security measures. To minimize risk, install anti-virus and anti-spyware, regularly check running processes, use a firewall, confuse the keylogger by typing extra characters, and use a browser with a form-filling feature.
A keylogger creates a log of everything that is typed on a keyboard for review by a third party. Keyloggers may be used for legitimate purposes to troubleshoot network problems, analyze employee productivity, or assist law enforcement, for example; or they can be used for illegitimate purposes to surreptitiously spy on people for personal gain. A keylogger can be a hardware device or a software program.
The most common hardware keylogger plugs into the keyboard port of your computer, connecting to the keyboard cable. It may look like an extension tail or in other cases a small cylindrical device. This makes it easy to spot if searched, but it won’t be detectable by software. Models are priced around the number of keys they can hold, with higher capacities being more expensive. An entry model costs $49 US Dollars (USD) with a capacity of 128,000 keystrokes.
Once installed, the registry is recoverable by opening a word processor and entering a password to reveal a hidden keylogger menu. Like all hardware keyloggers, it has the limitation of requiring physical access to the system, but could be used by network administrators or parents to monitor the family computer.
Another type of hardware keylogger is pre-installed inside the keyboard itself on the circuit board. This device is undetectable unless the keyboard is disassembled, but requires replacement of the existing keyboard. A similar keylogging product can be soldered to the circuit board of any keyboard, but this requires some skill.
Software keyloggers are often installed via malware such as Trojans, viruses, spyware or rootkits. These keyloggers can collect keystrokes through a number of methods, depending on the design. Some keyloggers work at the kernel level; others use a hook to hijack system processes that manipulate the keylogger; and still others use entirely different means. A keylogger installed remotely by malicious means secretly sends its logs to the person who installed the device over an Internet connection.
The danger of a malicious keylogger is that it traps information before it can be encrypted. For example, banking websites provide a secure connection between your computer and the website so that all data is encrypted in transit. However, as you type a username and password, the keylogger logs those keystrokes, bypassing all security measures. Keyloggers not only have the ability to intercept usernames and passwords, but also credit card numbers, bank account numbers, private passphrases for encrypted files, financial records, emails, and so on.
Keyloggers are widely available online but are also easy to write, making them a real threat to personal safety and an easy fix for the growing problem of identity theft. There is currently no surefire way to protect yourself from all forms of keyloggers, but there are steps you can take to minimize your risk.
Install top-notch anti-virus and anti-spyware on your system, preferably programs that help prevent keyloggers and monitor keylogging activity. This doesn’t guarantee you won’t get a keylogger, but it does help by recognizing and removing known keylogger signatures.
Regularly check the processes running on your system for anything that doesn’t belong. On Windows® systems, you can use Task Manager to view running processes. There are also third-party applications available that will not only show you what processes are running, but will provide a direct link to online information about the nature of the process. If you’re unfamiliar with running processes, this is a good starting point to familiarize yourself with what you should expect to see on your system and what you shouldn’t.
A firewall does not usually provide keylogger protection but it can warn you if a program is trying to send information to the Internet. By interrupting this action you can prevent a thief from recovering a log and be alerted to the possible presence of a keylogger.
Other ways to “confuse” a keylogger include typing extra letters or numbers when entering secure information, then highlighting characters that don’t belong, and entering a legitimate character to replace them. You can also use a browser with a form-filling feature that will keep usernames and passwords securely on your system and automatically fill them in when you log into a site, without forcing you to use a mouse or keyboard. Also, there are programs that scan for keyloggers, but they can also detect legitimate processes, making it difficult for the average person to make real use of these tools.
Protect your devices with Threat Protection by NordVPN
