Passwords, surfing behavior and login data - that's what keyloggers are aiming for. The keyboard spies steal credentials, eavesdropping on your trips to the Internet and invading your privacy. We show you how to recognize keyloggers and how to protect yourself.
A keylogger, once installed, records everything you write: your chats, e-mails, password credentials, credit card details with the security number on the back, which is queried everywhere ... and all of this is forwarded to the one who installed the software into your computer: your friend, your wife, your boss, or the friendly cybercriminals in the neighborhood.
Overall, there are four ways keyloggers can find their way into your life:
1. You are using a public or borrowed computer and somebody has put in small software there that records every keystroke. You log in to your Facebook account once on a public PC and off you go - your username and password are recorded, saved and waiting to be retrieved by anyone with sinister intentions. (The likelihood is pretty high that your Facebook username is also your primary email address ... and you're using the same password for both, or not? Yeah, and it's getting worse.).
2. You accidentally downloaded a keylogger to your computer. Keyloggers are malware and malware causes damage. Opening a suspicious link, a vague e-mail attachment, or clicking an infected online ad on an unsecured computer - all this is enough to get a criminal to get your bank details, passwords, or letters to your mother.
3. Someone will install a keylogger on your computer without your knowledge of course. This case is pretty self-explanatory, but I will briefly describe it here: The spouse or the parent or a roommate or even the boss (who wants to read your personal blog, even if you did not hand over the URL) has a keylogger without your knowledge placed on your computer. And suddenly you have to explain who this Lisa is, or you will be summoned to the hiring manager.
4. Someone connects a keylogging module to your computer. A real object made of metal and plastic to touch - if you even knew it was there. This is installed between the keyboard and the USB port and is particularly suitable for corporate espionage, as it is much easier to install such a device hidden in the face of the usual cable clutter.
Keyloggers come in different forms. Widely used are software keyloggers who hide themselves on a PC and record their keystrokes and take screenshots. They then send the collected data over the internet to their authors. For example, Wolfeye Keylogger is high in the top ten list of data spies. Amazing: The program is not a hacker tool, but is officially and legally distributed.
Spy in the Windows core
In another league, kernel keyloggers such as the sophisticated Duqu Trojan are used for industrial espionage, which have no telltale signs under Windows, because they are usually started completely inconspicuously as drivers. Well-known spyware hunters such as Spybot and Ad-Aware fail miserably here - an anti-virus software protects only when the spy has been unmasked and the virus scanner has been equipped with the signature.
Even more insidious and completely unnoticed by the virus monitor Hardware Keylogger. Inserted between the keyboard of the target computer and the keyboard connector, they store pressed keys in an integrated memory chip.
The case became famous in the United States where teens used a hardware keylogger to crack a school computer. Reliable protection against hardware keyloggers does not exist. Here only helps, if suspected to check the connectors of the computer. However, private users need hardly fear such a professional eavesdropping.
Listening trap radio keypad
Even without a keylogger keyboard input can be monitored on the PC - if you use a wireless keyboard. Infrared keyboards are considered conditionally safe due to their limited range. Unlike the classic wireless keyboard, as they radiate their data unencrypted over 30 meters. With a modified wireless keyboard and a CB radio, everything can be read and logged.
Only Bluetooth keyboards are usually safer because they can only be eavesdropped because of the frequency hopping used with more constructive effort. Important for Bluetooth: It should be ensured that the devices used are operated with authentication and activated encryption.
Protection against keyloggers
Virus scanners usually protect against all known keyloggers. However, they can fail with brand new or previously unrecognized malicious code because they still lack the correct signature. Here then only helps a virus scanner with a behavioral guard. Be sure to use an antivirus program that uses this heuristic detection method to prevent malicious code.
Anyone who uses publicly available Internet terminals, such as Internet cafés and libraries for their Internet trips, is well advised to entrust their login data to a USB pocket vault such as Sticky Password Free. The advantage: logging in to a website is done automatically without any keys being pressed - so keyloggers have no chance to collect passwords and access data. The free version of Sticky Password is limited to 15 password user accounts.
So this is how to recognize, remove or disable a keylogger:
Okay, so then to the tips. You will undoubtedly apply it, because keyloggers are indeed a high risk when you think of the many private or even compromising data that you process on your computer every day:
1. Never enter personal information on a public computer and in any case do not log in with your credentials. Wait until you get home to read the latest posts on social media or check your balance. Assume that everything you enter on a public PC is recorded, so act accordingly.
2. Obtain a current antivirus program that you can trust. As mentioned earlier, keyloggers are a form of malware and your first line of defense against malware is your antivirus program. We know a really, really good one. If your PC has been infected with a keylogger, then we recognize and destroy it. If you are not careful and click on something suspicious, then we will interfere.
3. Every now and then check the connection between your keyboard and your PC. Just to check if everything is alright there. Occasionally. And only in case. So no big deal.
4. You may also want to rethink your current relationship if you discover a keylogger at home.