Keyloggers: how do they work and how to protect yourself from them

Keyloggers are programs or devices that log keystrokes. Keyloggers that specifically read login data such as names and passwords and transmit them to third parties without authorization come at risk. This is a threat to the security of your email passwords, social media accounts, or online banking information. Such keyloggers are used not only by individual hackers, but also by investigative authorities and intelligence services to spy on confidential data. The term keylogger is often used interchangeably with spyware. Spyware is the general term for malicious software that specifically sniffs out information from the user. The term “keylogger” is more narrowly defined, as these only determine the keystrokes.

Definition of keylogger:

"A keylogger is software or hardware that records keyboard entries in order to pass them on to third parties. This endangers data security, as unauthorized persons can gain login data such as passwords, which they can then use to access even more data."

Not all keyloggers are malicious or illegal in nature. With keylogging, the behavior of a user on the computer can be checked - this does not have to be done for criminal reasons. Keyloggers also make it easier to document computer use for scientific purposes, for example to obtain data on human behavior on the computer. Keylogger programs and devices are not necessarily illegal in and of themselves. They only become questionable in terms of security if they are installed without the consent of the computer user.

Software keylogger:

​On the software side, keyloggers often work through inconspicuous background processes that copy keystrokes. Some keyloggers can also take screenshots of the text entered. This data is then usually passed on online or saved in a file on the victim's hard drive. In the latter case, the hard disk is then again accessed without authorization. These types of keyloggers are the best known and can be effectively combated with the help of a firewall or an antivirus program. Keylogger software comes in many different flavors. We present some of them below.

Keylogger hardware

Many Internet users do not even know that hardware keyloggers exist and not only spy on software passwords. This type of keylogger can be used, for example, in the form of a small USB plug that is plugged between the keyboard and the computer. Such a connector has an internal memory in which logs of the keystrokes are stored. If you later remove the keylogger, you can read out the stored logs. Hardware-based keyloggers are also available in very imaginative and surprising variants, some of which are reminiscent of James Bond gimmicks. However, private users will rarely come into contact with them.

How to protect yourself from keyloggers

Most keyloggers can be contained well with a virus scanner and an up-to-date firewall. Of course, new keyloggers are constantly being developed whose signature is not immediately recognized as harmful by the protection programs. Your behavior on the computer is therefore also important if you want to minimize the risk of keylogging. We have some tips for you on how to protect yourself from keyloggers.

1. Keep your security software up to date. Use powerful anti-virus programs and real-time scanners to protect yourself from keyloggers. Most keyloggers can be found and removed by any reasonably good antivirus program. However, you shouldn't skimp on the quality of the software - especially if you regularly enter highly confidential data such as account details on your computer.
2. Special password managers not only help you to contain the password chaos. If desired, they can also generate highly complex passwords that are difficult to record by keyloggers. In addition, these programs often have an autofill function, thanks to which you do not have to enter your login details manually. After all, keyloggers can usually only read what you actually type.
3. When it comes to login data, multi-factor authentication (MFA) is extremely secure. The user is not only asked for a password, but also mostly interactive authentication with a variable factor (e.g. using the mobile phone). Even if keyloggers get the actual password, that's useless thanks to the MFA alone.
4. Keylogger hardware is almost never used by private individuals. But if you z. If, for example, you deal with highly confidential data at work that could be of interest to competitors, it doesn't hurt to check your connections from time to time. Keep an eye out for any suspicious looking adapter plugs. If you believe you are a victim of keylogger hardware, inform IT before removing the supposed keylogger.
5. A simple trick to prevent keyloggers is to use the virtual keyboard. In Windows you call this by running “osk.exe” in the run dialog (Windows key + R). Since keyloggers usually only read physical keystrokes, you are better protected if you enter your login data via the virtual keyboard.
6. There are special tools on the Internet that can be used to find and remove keyloggers. The best known tool is probably Spybot - Search & Destroy, of which there is also a very powerful free version. Another tried and tested program is Malwarebytes. In contrast to more comprehensive antivirus programs, Spybot and Malwarebytes were specially developed as tools against malware that spy on your data - just like keyloggers.
7. Particular caution is required when using publicly accessible computers. As a matter of principle, avoid entering confidential data on public computers. If you still need to: Examine the ports for suspicious hardware. Whenever you enter a password on a website, pause the process and type inconsistent characters anywhere before completing your password. You can use this method to trick potential keyloggers. You can also use the virtual keyboard on most public computers.