Updated: May 10
Could your computer turn on you and record everything you typed? What if everything you typed was recorded on a scammer’s computer? What information would they get from you?
This is a very real technology called a keylogger, and scammers and hackers use this to get passwords, usernames, and other information from victims every day.
A keylogger is software designed to track keystrokes and algorithms on your computer. It records this data and sends it to a third party. This software is most often used for hacking purposes.
The first keyloggers were used by the Soviet Union in the 1970s to monitor IBM electric typewriters used at embassies based in Moscow. They would record what was typed and send the information back to Soviet intelligence via radio signals. Swinhoe, D. (2018, December 11). What is a keylogger? How attackers can monitor everything you type. CSO Online. https://www.csoonline.com/article/3326304/what-is-a-keylogger-how-attackers-can-monitor-everything-you-type.html
One of our largest concerns on the internet is if our data is being tracked. Companies prioritize protecting their devices and spend millions of dollars a year to ensure security.
Last year hundreds of models of HP laptops were shipped with keylogging code present in its touchpad drivers. The logging was disabled by default and was part of a debug tool left in by one of the company’s suppliers.
Software-based keyloggers are far more common and have multiple routes for entry. Infected domains are a common attack method. In October, online office suite Zoho saw its .com and .eu domains suspended after serving users keylogging malware. Thousands of Wordpress sites have also been previously infected with keyloggers via fake Google Analytics scripts.
Malware-infected apps are also an issue. Google recently removed 145 apps from the Play Store that contained keylogging malware. As with many types of malware, loggers are often included in phishing emails containing malicious links. A new version of the HawkEye keylogger, for example, was spread via a spam email campaign bearing infected Word documents. Some variants, such as Fauxspersky, can spread through infected USB drives. Swinhoe, D. (2018, December 11). What is a keylogger? How attackers can monitor everything you type. CSO Online. https://www.csoonline.com/article/3326304/what-is-a-keylogger-how-attackers-can-monitor-everything-you-type.html
Are keyloggers illegal?
Actually, they are not. You can legally own a keylogger if it is on your own computer or device. If you possess a keylogger with the intention of using it to steal other people’s data, or you are placing it on a device without the user’s consent, then you have crossed over into illegal territories.
If I can have a keylogger but I can’t legally use it on another person’s device, what is the point of having it at all? Most modern keyloggers are legitimate software programs. Here are a few scenarios in which software like this is useful and legal to use:
Parental Control. Parents can use this software to track what their children do on the Internet and can be notified if there are any attempts to access websites containing adult content. (For more information about our thoughts regarding children and social media, read out past post: Is Social Media Safe.)
Law Enforcement. In certain circumstances, law enforcement can use keyloggers to get access to incriminating information.
Company Security. Companies can use keyloggers to track the use of computers for non-work-related purposes, or the use of workstations after hours. It can also track the use of keywords and phrases that are associated with information that could be materially damaging to the company.
Though there are some justifiable reasons for having keylogger software, the consistency of keylogging being used for criminal intentions is outstanding. Having the desire to protect your business or personal devices from falling prey to keyloggers is wise. Actually making that happen, though, can be tricky. Understanding how they come into contact with our devices and how we prevent them from downloading to our systems is an important part of the equation.
How do I protect myself?
The first important step is knowing how we can come into contact with them. Keyloggers come in two different ways. The first is keylogging software, which is a program created to track keystrokes and log them, often sending them to a third party. The second is keylogging devices. These are small devices that can be inserted into your computer through a USB or cable. Here are some more types of keyloggers:
API-based keyloggers: The most common type of keylogger, these work by infiltrating the keyboard application programming interface (API) on a user's machine, which notes what keys are pressed and sends the information to the program as an input. API keyloggers intercept these inputs and records them as discrete events, which are then stored on the hard drive as a log of every keypress, to be retrieved by hackers later.
Kernel-based keyloggers: A kernel-based keylogger sets deeper in your system and record the keypress information as it passes through the core of your operating system. They do the same job as API keyloggers, but are much harder to detect and remove. However, they’re also harder to create, which makes them rarer than API-based software.
Hardware keyloggers: These devices use the keyboard's circuitry to log keystrokes. These may be built into the keyboard itself, or installed via a USB connector or Mini-PCI card. Rather than relying on software to store the logged keystrokes, all records are kept in the internal memory of the device. However, they do require the hacker to have physical access to a machine to install the device and retrieve the data.
Acoustic keyloggers: Acoustic tools take advantage of the fact that every key on your keyboard will make a slightly different sound when pressed. Therefore, by analyzing this audio, sophisticated keyloggers can determine what was typed - all they’ll need is access to a microphone. However, this type of attack is quite rare, as they require sophisticated equipment and are less accurate than other methods.
Form grabbers: Form grabbers work slightly differently from other forms of keylogger, but the end result is the same. These use compromised code on websites that can record what a user is entering into web forms, then send a copy to the hackers when the user hits submit. They work by attacking the website itself rather than the end user, so can be used for gathering details such as names, addresses and credit card details if, for example, they’re placed onto an ecommerce site's online checkout. Keyloggers: Everything You Need To Know. (2019, November 15). Https://Www.Insightsforprofessionals.Com. https://www.insightsforprofessionals.com/it/security/keyloggers-everything-you-need-to-know?gclid=Cj0KCQjwpdqDBhCSARIsAEUJ0hMax999GeLGay3EgHAyr5h-3Z3rIhB_r24f2WlZrcuaPb1qn6SdiCMaArlEEALw_wcB
Here are some steps you can take to help prevent keyloggers from invading your cyber space or equipment:
Use a Firewall. Typically, the keylogger will send its information back to the third party for an attack. The keylogger has to send data from your computer through the internet. As it passes through the firewall (Windows Firewall), hopefully the firewall will catch it. This, along with a good anti-virus software, should do the trick.
Change Your Passwords. Never use the same password for multiple devices and be sure to use 2fa on all your devices. Installing a password manager is also a helpful tool to prevent further unwanted access.
Virtual Keyboard. Using a virtual keyboard could potentially help protect against device keyloggers. Now remember - device keyloggers are cables or USB drives. A virtual keyboard can help prevent these devices from tracking your keystrokes. However, if you have contracted a software keylogger from an email or document, then it is possible that the software can still log the keystrokes.
Go a Step Further. Taking further security measures, such as paying for a protection plan to help monitor your networks and devices for keyloggers, hackers and phishing scams is a good idea. Finding a third-party company that can help monitor all your back doors when you can’t, is the best way to ensure as much security as possible. Nate Sheen's book, The Cyber Security Guide, is another good resource to read for more information about this subject.
DataCom Technologies offers an affordable computer management service for your home or office called Uptime. It has several levels of plans available for those individuals or businesses looking for twenty-four-hour protection. Click here to read about the specifics of each plan.
Ultimately, it comes down to being aware of your devices and networks and keeping all your systems up to date. If you notice something that seems off, consider it an actual threat, and seek out professional assistance. You can contact DataCom Technologies through our website, or by calling 330-680-6002.