Keylogger.cc

What is a Key logger

0

What is a Key logger

A key logger builds a log of everything typed into a keyboard to be reviewed by a third party. Keyloggers can be used for legitimate purposes to troubleshoot networks, analyze employee productivity, or to assist law enforcement, for example; or they can be used for illegitimate purposes to surreptitiously spy on people for personal gain. A key logger can be a hardware device or a software program.

The most common hardware key logger plugs into the computer’s keyboard port, connecting to the keyboard cable. It can look like an extension tail or in other cases a small cylindrical device. This makes it easy to spot, if looked for, but it won’t be detectable by software. Models are priced around the number of keystrokes they can hold, with higher capacities being more expensive. One entry model costs US Dollars (USD) with a capacity of 128,000 keystrokes.

Once installed, the log is retrievable through opening a word processor and entering a password to reveal a hidden key logger menu. Like all hardware key loggers, it has the limitation of requiring physical access to the system, but might be used by network administrators or by parents to monitor the family computer.

Another type of hardware key logger is preinstalled inside the keyboard itself on the circuit board. This device is undetectable barring disassembly of the keyboard, but does require replacing the existing keyboard. A similar keylogging product can be soldered on to the circuit board of any keyboard, but this requires some skill.

Software key loggers are often installed through malware like Trojans, viruses, spyware or rootkits. These key loggers can collect keystrokes through a number of methods, depending on design. Some key loggers work at the kernel level; others use a hook to hijack system processes that manipulate the key logger; and still others use entirely different means. A key logger that is installed remotely through malicious means secretly sends its logs to the person who planted the device via an Internet connection.

The danger of a malicious key logger is that it traps information before it can be encrypted. For example, banking websites provide a secure connection between your computer and the website so that all data is encrypted in transit. However, as you type a username and password, the key logger is recording those keystrokes, bypassing any and all security measures. Keyloggers not only have the ability to trap usernames and passwords, but credit card numbers, bank account numbers, private passphrases for encrypted files, financial records, email and so on.

Keyloggers are widely available online but are also easy to write, making them a real threat to personal security and an easy tool for the growing problem of identity theft. At this time there is no sure-fire way to protect yourself against all forms of key loggers, but there are steps you can take to minimize risk.

Install top-notch anti-virus and anti-spyware on your system, preferably programs that help to prevent key loggers and watch for keylogging activities. This doesn’t guarantee you won’t get a key logger, but it helps by recognizing and removing known key logger signatures.

Regularly check the processes running on your system looking for anything that doesn’t belong. In Windows® systems you can use Task Manager to view running processes. Third party applications are also available that will not only show you which processes are running, but will provide a direct link to information online regarding the nature of the process. If you are unfamiliar with running processes, this is a good place to start to familiarize yourself with what you should expect to see in your system, and what you shouldn’t.

A firewall commonly does not provide key logger protection but can alert you if a program is trying to send information out to the Internet. By stopping this action you can prevent a thief from retrieving a log, and be alerted to the possible presence of a key logger.

Other methods to ‘confuse’ a key logger include typing extra letters or numbers when entering secure information, then highlighting the characters that don’t belong and entering a legitimate character to replace them. You can also use a browser with a form-filler function that will keep usernames and passwords securely on your system, and fill them in automatically when you enter a site, without forcing you to use the mouse or keyboard. Additionally, there are programs that scan for key loggers, but they can detect legitimate processes as well, making it difficult for the average person to make real use of these tools.