Monday, January 30, 2012

Beware of Keylogging

Keystroke logging (often called keylogging) is the action of monitoring each keystroke a user types on a specific computer's keyboard, typically in a covert manner so that the person using the keyboard is unaware that their keystrokes are being collected in the background. There are numerous keylogging methods, ranging from hardware and software-based approaches to electromagnetic and acoustic analysis.


Hardware Keyloggers:  As a hardware device, a keylogger is a small plug that serves as a connector between the user's keyboard and computer. This device looks like a normal keyboard accessory, and can be easily concealed. 

As the user types, the device collects each keystroke and saves it as text on its own tiny hard drive for the attacker to retrieve at a later time.

Great examples of state of the art key loggers are available at

Software Keyloggers: Keylogger software does not require physical access to a user's computer. It can be downloaded intentionally by someone who wants to monitor activity on a designated computer (e.g., public computers like those at hotels), or it can be downloaded involuntarily as malware sent to a victim. The keylogger software records each keystroke the user types and uploads the information over the Internet to the attacker.

Tips to prevent keylogging...

Do not visit untrusted web sites. Some sites may have code in them that can exploit your web browser and cause it to quietly install a keylogging application without your permission. (Note: even trustworthy sites can be hacked. The same hackers who are after your information can hack what you think of as trustworthy sites and add exploit code to them which could deliver a keylogger to your system when visited.)

Do not download add-ons (or other files) from untrustworthy sites. Any executable file you download could contain a keylogger or virus, so before you download a file, be sure you're downloading it from a source that you trust.

Be sure to run the latest version of your browser software. Keep it patched and up to date. Many exploits that hackers use have already been patched by the software vendors; all you have to do is stay up to date.

Make sure your OS version is up to date and has the latest patches. Also make sure your anti-malware client's signatures are current so that it can combat recent security exploits and attacks. Just like with browsers, many hackers will try to install keyloggers on your system using exploits that have long since been patched by the software vendor. If you run Windows, be sure to run Windows Automatic Updates on a regular basis.

Note: It is considered good system hygiene to check these things yourself manually on occasion.

Be wary of opening unexpected e-mail attachments. Do not open attachment files with file extensions that are likely to be associated with malware (e.g., .pdf, .doc, .xls, .bat, .com, .exe, .pif, .vbs).

Do not open e-mails that promise sexual or monetary content. This is a common ploy used by attackers.

Delete chain e-mail and junk mail. You can also block email and create rules to better manage email that appears to be suspicious, junk, etc. Spam filters in Yahoo and Gmail are particularly stringent.
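The attachment tip and the mail-rule tip above can be combined into an automated check. The following Python script is an added example, not part of the original post: it parses a raw message and flags attachments whose extension is on the post's list. The double-extension flag, the function names and the sample message are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions the post lists as likely to be associated with malware.
RISKY_EXTENSIONS = {".pdf", ".doc", ".xls", ".bat", ".com", ".exe", ".pif", ".vbs"}
# Subset that runs directly on Windows; used for the double-extension flag
# (an addition beyond the post's list-based advice).
EXECUTABLE = {".bat", ".com", ".exe", ".pif", ".vbs"}

def risky_attachments(raw: bytes):
    """Return (filename, extension, double_extension) for each listed attachment."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.walk():  # walk() also reaches attachments nested in sub-parts
        name = part.get_filename()
        if not name:
            continue
        # Windows ignores trailing dots and spaces, so drop them before matching.
        cleaned = name.strip().rstrip(". ").lower()
        pieces = cleaned.split(".")
        if len(pieces) < 2:
            continue
        ext = "." + pieces[-1]
        if ext in RISKY_EXTENSIONS:
            # "invoice.pdf.exe" shows as a document when extensions are hidden.
            double = len(pieces) > 2 and ext in EXECUTABLE
            findings.append((name, ext, double))
    return findings

def build_sample() -> bytes:
    """Constructed sample message; addresses and file names are made up."""
    msg = EmailMessage()
    msg["From"] = "billing@example.com"
    msg["To"] = "user@example.org"
    msg["Subject"] = "Your invoice"
    msg.set_content("Please see the attached invoice.")
    for name in ("notes.txt", "invoice.pdf.exe", "Report.XLS"):
        msg.add_attachment(b"placeholder bytes", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, ext, double in risky_attachments(build_sample()):
        note = " (double extension)" if double else ""
        print(f"hold for review: {name} [{ext}]{note}")
```

A match means the message should be held for a closer look, not that the file is malicious; documents such as .pdf and .xls are also sent legitimately.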