Technologies of modern computer espionage can boggle the imagination. Some programs are able to find out almost any data about a PC user – from the applications used by him to his passwords, which give access to the online services he uses and files he works with.
What are keyloggers?
In the spyware variety, keyloggers are among the most dangerous and well-disguised. Quite often, a user does not suspect that such a program has been installed on his or her computer – the PC doesn’t show any signs of dangerous spy software presence. High quality programs of this type can not be detected by users; at the same time, they may cause great damage. What are keyloggers? And why should you be cautious about them?
You can easily understand the main function of keylogger from its name. Keylogger is a tool that keeps logs of a keyboard activity, or keystrokes, to be more exact. It records into a special file all the key strokes made on the keyboard, i.e. everything a user types: emails, working documents and – the most crucial – passwords. They would open access to many important sources: electronic mail, working documents, user’s account on the server, online banking systems. A hacker who gets access to a user’s keyboard gets access to all his or her information. Unsurprisingly, keyloggers are called keyboard spies. Like real spy agents, they secretly dig out plenty of confidential data, while staying hidden. A keylogger can effectively forward these keyboard logs to a secret server or send the collected data to criminals via email.
Keyloggers exist not only in the form of software – there also are hardware ones. Hardware keyloggers are not that widely spread, because they are easier to detect. Nonetheless, some hardware keyloggers can be embedded into USB-devices – for example, in the form of additional plain cable.
Legally used Keyloggers
If a keylogger’s usage is not authorized, it is deemed spyware. Although there are cases when its usage is legal. Moreover, users can be aware of keyboard spyware installed on their PCs. For some companies it is an efficient way to control the employees’ activity, e.g. to prevent confidential data leakage. Also, a keylogger can be used for monitoring systems and working tasks performance statistics – some type of control over the working staff, namely over their activities (to check whether they do or do not do something unnecessary during working hours). Keylogger is also a typical element in parental control systems. If a keylogger is to be installed on an office computer, it’s worth to include special terms in a labor contract – to prevent any possible claims for privacy infringement. Thus, an employee must know that using office means of communication for private purposes is prohibited and that certain measures can be taken by administration and security departments to control over these rules observance.
How keyloggers work
On the one hand, keyloggers usage is not harmful because they do not destroy any data, do not interfere with computer’s operation, and do not undertake any illegal actions – unlike other malware. At the same time, you should keep in mind that unauthorized installation of a keylogger on someone’s machine is quite a dangerous thing. Firstly, a cybercriminal would know all the information that a user has entered: search queries, access passwords to various services, including email apps, working files and even online banking systems. Therefore, having received such data, any stranger would get access to someone’s confidential information and use it, let’s say, to transfer money to his account or to change the password to email account.
Modern keyloggers can copy not only text information. Some advanced versions can capture screenshots and send them to a remote PC. Such a spyware is able to “read” contents of a text document even if a user just opened and closed it. Among other options of a high quality keylogger are the following ones: it can “take a picture” of a folder contents or of a list of sent emails; obtain access to web camera images, to a list of files in printer queue, to a list of launched applications, to browsing history, Internet Messenger chats and to other various data.
One more reason why a keyloggers are a great threat is that an average user usually cannot detect them on his PC without help. It is neither a virus, which will eventually reveal itself, for instance, in slowing down the PC, nor a phishing message, which will be easily caught in the email box by an experienced user. Keyloggers are absolutely invisible, uncatchable and perform their work in a smooth and unnoticeable way.
The log files created by them can be saved on the user’s PC. But most probably, they are going to be sent to another computer- either to an external server or to the criminals’ email address, invisibly to the PC owner.
Most often, keyloggers are applications that someway are installed on a users’ machine. Optionally, a keylogger can be installed on someone’s computer through a local net or a USB storage device. Besides, for these programs the full process of installation– with a series of pop-up windows and the necessity of confirmations from the user – is not required. Modern keyloggers are able to locate and unfold files for spy goals on the victim’s computer in the background mode.
In addition, there are other two channels for keylogger to penetrate a PC: from a bug that was received via email or somehow got there, or from a script on the infected web page.
Though hardware keyloggers are true spy devices that are not so commonly used, this article would not be complete without their description. As mentioned above, hardware keyloggers are more difficult to detect, but simpler to install – compared with software ones, because installation doesn’t require access to operating system, only physical access to the PC. So, any visitor can install it when the PC is off. Most often, hardware keyloggers are disguised as some computer equipment like a USB disk, or a flash drive, data cable, or even a computer mouse. Some keyloggers can be embedded into a keyboard. Accordingly, it is relatively easy to take the hardware keylogger off. Its owner then would get access to the keyboard log. One more convenience with hardware kayloggers that they can be used on computers that are not connected to external networks (for example, corporate PCs on which secret data are processed)
Protection against keyloggers
Protecting your machine against a keylogger is not a very hard task. Most modern anti-virus software products check PCs for spy software including keyloggers that are also deemed spyware. When choosing an anti-virus, pay attention and check whether it has the function of protection against spy software. In some anti-viruses’ descriptions their ability to protect against keyboard spyware is specifically emphasized.
Still, it is extremely hard to detect some malicious applications. If you suspect that a keylogger has been installed on your computer, you’d better try to load your operating system from the external USB-disk instead of the hard drive. In some cases, there is also a possibility to use a virtual keyboard – the latest versions of OS Windows support this.
Additionally, there are specific utility programs particularly designed to protect against keyloggers – so-called anti-keyloggers.
You are welcome to find out more about the features of the best anti-keyloggers here: http://www.anti-keyloggers.com/.