What Do Keyloggers Do?
Page content

Intro

It is confounding that traditional viruses get the majority of the malware spotlight. While there are new viruses everyday that can potentially harm a computer, the reality is that most infected computers contain viruses that were intended for past dated attacks. This malicious code can cause adverse side affects making infected files unreadable, however the danger of the virus residing on the system may be quite low depending upon the individual virus. The attack date has gone past due and therefore the virus will not become active with the exception of it’s secondary objectives which are self-preservation and propagation. These old denial of service attacks pose only a fraction of the danger of a keylogger.

Keylogging, as the name suggests, is the act of recording the keystrokes being delivered to a computer from the keyboard. These applications are the perfect way for cyber-thieves to steal usernames, passwords, credit card numbers, etc. And since they only record keystrokes, security measures, such as HTTPS and encrypted passwords, are rendered useless. There are a handful of different keylogger available on the market some of which are undetectable by traditional malware and antivirus applications.

Software Logging

Software keyloggers are applications that attempt to exploit the already available system utilities being either used to provide connectivity for the keyboard or provide third party application support. They record all keystrokes and store them in a file to be retrieved at a later date or transmitted over the internet. Although they are the easiest to obtain and implement they are also the easiest of the keyloggers to detect. Most are identified and removed with a standard anti-malware application. This may, of-course, be after valuable information has been stolen. Software keyloggers contained within rootkits can be nearly undetectable and require the computer be scanned while the operating system is not running. To detect these types of software keyloggers requires the use of an a malware application that is able to run from a boot disk.

Hardware Logging

Hardware keyloggers come in many different designs and are completely undetectable by any type of software. They do not interface directly with the computers operating system but rather the actual keyboard. The most common and cheapest variety connects between the keyboard and the computer, intercepting all communication and storing it on it’s own internal memory. The surveilling party must physically retrieve this unit from the computer in-order to avoid detection and review the collected data. Another, remote form of logging is used by detecting the low-level fluctuations in radiation that occur when a key is depressed. To implement this form of keylogging the perpetrator’s equipment must be within a short range of the subject but not necessarily in the same room or even building. If the keyboard in use is wireless then the act is even easier. Now, instead of looking for radiation there is exact wireless protocol in use which, unencrypted, is not difficult to detect and interpret.

Is there ever a reason to use?

There are many different uses for keyloggers, some are even remotely legitimate. Many parents around the world use keyloggers as an alternative means of parental control software. It allows, in the minds of some parents, the child to be monitored with out the negative affects of feeling untrusted. The parents meetly monitor the child’s usage of the computer with only a set of ground rules in place instead of actually blocking content. In some(most) circumstances this monitoring is a result of obsession and can crossover into a violation of privacy. Therefore in some areas keyloggers have been deemed illegal even for nosey parents. So, even if you do have a seemingly legitimate use for one of these apps it is important to check the local laws.