What is a Keylogger and how to protect yourself from a keylogger
Today’s advanced malware tools often comprise several different components. They are more like Swiss army knives than individual tools, which gives an attacker the ability to perform a number of different actions on a compromised system. One important component that is often present in these attack toolkits is a keylogger. A keylogger is a highly specialized tool designed to record every keystroke made on the machine. It gives the attacker the ability to steal huge amounts of sensitive information silently. In this blog post, we will discuss what a keylogger is and how to protect yourself from one.
What is a Keylogger
A keylogger is any piece of software or hardware that has the capability to intercept and record input from the keyboard of a compromised machine without the user’s knowledge. The keylogger can either store the recorded data locally or send it to a remote PC controlled by the attacker.
There are software-based and hardware-based keyloggers. The most commonly used keylogger is a software-based tool. It is often installed as part of a larger piece of malware, such as a Trojan or rootkit. Such a keylogger is easier to get onto a target machine, since it typically doesn’t require physical access to the machine. It generally has the ability to impersonate an API on the target machine’s operating system, which allows the keylogger to record each keystroke as it’s made. There are also kernel-level keyloggers, man-in-the-browser keyloggers and other more complex variants.
Hardware-based keyloggers are less common, as they are more difficult to implement on the target machine. They often require the attacker to have physical access to the target machine, either during the manufacturing process or after deployment. Some hardware variants, including BIOS-level keyloggers, can be installed during the manufacturing process; a malicious insider could install such a keylogger at the factory level. Other hardware keyloggers can be implemented via USB flash drives or as a fake connector that sits between the keyboard cable and the PC. While more difficult to implement, they can be more flexible for the attacker, as they are OS-independent.
Ways of getting infected
Ensuring you do not have keyloggers
Protect yourself from a keylogger
The following tips will help you protect your device against keyloggers:
- Say no to pirated and other suspicious freeware software
- Maintain a password-change schedule (e.g. every 3 weeks)
- Use a limited-privileges OS profile for daily low-profile tasks
- Use a modern and up-to-date browser (e.g. Firefox…), which will help you avoid man-in-the-browser (MiTB) attacks
- Back-up your data, to avoid data loss in case of account compromises
- Use 2-factor authentication on your accounts, as it will protect your account even if your password gets compromised
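
To illustrate the last tip, here is an added example (not part of the original post) of why a second factor still holds when everything typed has been recorded. It assumes the second factor is a time-based one-time password (TOTP, RFC 6238); the `Account` class, the password and the timestamps are constructed for the demonstration.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds per TOTP time step (RFC 6238 default)

def totp(secret: bytes, unix_time: int, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) for the time step containing unix_time."""
    counter = struct.pack(">Q", unix_time // STEP)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def _pw_hash(password: str) -> bytes:
    # Constructed fixed salt keeps the demo short; use a random per-user salt.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), b"demo-salt", 100_000)

class Account:
    """Hypothetical server-side account: password plus TOTP second factor."""

    def __init__(self, password: str, secret: bytes):
        self._hash = _pw_hash(password)
        self._secret = secret   # shared with the authenticator app, never typed
        self._last_step = -1    # last time step that produced a successful login

    def login(self, password: str, code: str, now: int) -> bool:
        step = now // STEP
        pw_ok = hmac.compare_digest(_pw_hash(password), self._hash)
        code_ok = hmac.compare_digest(code.encode(), totp(self._secret, now).encode())
        if not (pw_ok and code_ok) or step <= self._last_step:
            return False        # wrong factor, or a code already used in this step
        self._last_step = step
        return True

def replay_demo():
    """Constructed scenario: everything the user typed is recorded and replayed."""
    secret = b"12345678901234567890"            # RFC 6238 test secret
    account = Account("correct horse", secret)
    t = 1111111100                              # constructed login time
    typed = ("correct horse", totp(secret, t))  # all a keylogger could capture
    victim = account.login(*typed, now=t)
    same_step = account.login(*typed, now=t + 5)   # replay within the same step
    next_step = account.login(*typed, now=t + 11)  # replay after the step rolled over
    return victim, same_step, next_step

if __name__ == "__main__":
    print(replay_demo())
```

The password is the same string at every login, so a recorded copy stays valid until it is changed; the one-time code is derived from a secret that never passes through the keyboard, so the recorded copy stops working once it has been used or its time step ends.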