keylogger — what is it

Keylogger Definition, Detection, and Protection

There are hundreds, if not thousands, types of malware spread online. Out of them all, keyloggers can legitimately be considered the worst. We are not being dramatic here. If you get infected with a keylogger virus you basically show the hackers everything typed on the keyboard. Passwords, credit card credentials, messages, everything you search for, all of it gets to be exposed and easily stolen.

Read on to learn:

Keylogger definition

Key logger, keystroke logger, also called system monitor, is a perfectly legal surveillance technology. When installed with your own hands on your own computer or smartphone, that is. Corporations commonly use this tool to track and troubleshoot tech issues and surreptitiously monitor their employees. Parents can use this software to monitor the ways their kids use the Internet too. There are known episodes when governments used the technology to collect and analyse info for crime solving.

So what is keystroke logging? As the name suggests, keylogging is a process of recording every key clicked on a keyboard (both desktop and mobile). Keystroke logging technology allows for gathering info on login credentials, web browsing, basically, everything that involves typing, and then sending the collected info, often encrypted, to a server, where it can be decrypted and read.

| Read also: How Does Brute Force Attack Work

Types of keyloggers

There are two ways to divide all the keyloggers into types. First one takes into consideration the way the recording is performed. With this approach all the keylogging can roughly be divided into the following types:

  • Form-grabbing
  • Memory-injection
  • API-based
  • Kernel-based
  • Hypervisor-based

The second approach divides them into software and hardware ones, and it’s much easier to understand.

Hardware keyloggers

As the name suggests, hardware keyloggers are physical devices. These devices can be either inconspicuous looking plug-in types that are inserted into the keyboard port, or modules embedded into the keyboard or the internal computer hardware.

Either way, the criminals will have to gain access to the victim’s computer to plant the device. And to collect it to read the info later, since most of these devices do not transmit the gathered information back to the hackers.

Software keyloggers

Software keylogging is much easier to do. There’s no need to install a physical device, so no need to break into an actual office or home. All the criminals have to do is infect the victim’s computer, which is much easier done than you might think.

Unlike a lot of other malware, keylogging software is not harmful to the infected systems. Their whole point is to stay hidden, operate under the radar and silently and continuously send logs of every action done with the keyboard back to the hacker.

The most commonly used software keylogger is memory injection soft. This is essentially a Trojan virus altering the system memory to bypass security.

Another popular software records every form submitted online from the infected computer. So if you submit a form to create, say, a bank account, the hacker will know every piece of data you submitted.

| Read also: Social Engineering: What It Is and Why It Works

How keyloggers spread

Like any other virus, software keyloggers are spread online and can be sneakily installed without the victim ever noticing something amiss. The most common ways to get infected are described below:

  • Phishing. Clicking on a link or opening an attachment from a phishing email.
  • Visiting a malicious site. A keylogger is installed with a webpage script here.
  • Trojan virus in the software you install. As we already mentioned above, the most typical method of infecting a computer with a keylogger is through a Trojan. As you might already know, a typical Trojan is disguised as some kind of useful utility. When a victim of the Trojan attack downloads the files and installs them, the malware is slipped on the system along with the utility the victim was actually looking for. In other instances, the actual utility is not there, the program the victim was looking for does not work, only the malware is installed. This last method is obviously not very effective for a keylogger.

Continue reading on Protectimus Blog:

Two-factor authentication solutions for business. Secure your organization’s and user’s data with MFA:

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store