KEYLOGGERS IN CYBERSPACE

Recording keystrokes, i.e. keystroke logging / keyboard capturing

WHAT ARE KEYLOGGERS?

Keyloggers (AKA "keystroke loggers") are malware, either software-based or hardware-based, secretly installed on your system. Their primary goal is to steal information about the activity you perform on the keyboard, as well as all the inputs you provide to your system.

HISTORY OF KEYLOGGERS:

Keylogger attacks have for decades been among the major cyber-attacks against individuals, businesses, IT companies, organizations and networks. Some notable examples are as follows:-

In the 1970s, the Soviet Union developed and deployed a hardware keylogger targeting typewriters, termed the “Selectric bug”. It measured the movements of the printing head of IBM Selectric typewriters through their influence on the regional magnetic field caused by the rotation and movement of the printing head. Around that time, a keylogger was written by Perry Kivolowitz and posted to the Usenet group net.unix-wizards on November 17, 1983. This user-mode program operated by locating and dumping character lists (clists) as they were assembled in the Unix kernel. The Soviets installed keystroke loggers in the US Embassy and Consulate buildings in Moscow, placing the bugs in Selectric electric typewriters. For classified information they are immune to bugs. As of 2013, special services still use typewriters.

In 2007, a group of Romanian hackers launched a phishing campaign that involved sending malicious emails to millions of email addresses. When a victim clicked on the link included in these emails, a software-based keylogger would be installed on their computer. The attackers behind this cyber attack were identified in October 2018, when it was also revealed that they had stolen more than $4 million since the launch of the attack.

In 2015, a UK student was sentenced to four months in prison after he admitted to the crime of using keystroke logging software to raise his exam marks. He installed the software on systems at his university and used it to steal staff login information. After that, he used this login information to access the university records and the marks on five of his exams.

In 2017, it was concluded that a software-based keylogger had captured images, text, clipboard contents, saved logins and messages, including chat history, as well as confidential business-related information of companies. US-based cyber security, along with 18 other countries, was targeted and became part of these keystroke logger attacks.

LEADING CAUSES OF KEYLOGGER INFECTION:-

  • Trojan Horse
    A Trojan horse is malware that can be installed on your computer; its code can include a keylogger.
  • Spear phishing
    In spear phishing scams, fraudsters customize their attack emails with the target’s name, position, company, work phone number and other information in an attempt to trick the recipient into believing that they have a connection with the sender. The goal is the same as deceptive phishing: lure the victim into clicking on a malicious URL or email attachment, so that they will hand over their personal

    *To protect against spear phishing scams, organizations should conduct ongoing employee security awareness training that, among other things, discourages users from publishing sensitive personal or corporate information on social media.
  • Drive-by-Downloads
    Here the keylogger is installed on your computer without your knowledge. The most common cause is malicious websites that silently install files in the background.

HOW DO KEYLOGGERS WORK:-

  • A keylogger collects confidential information and sends it back to a third party, whether that is a criminal, law enforcement or an IT department.
  • The amount of information collected by keylogger software can vary. The most basic forms may only collect the information typed into a single website or application. Other variants, especially those targeting devices like mobiles, record information such as call history and audio, information from messages, GPS location, screenshots, and microphone and camera capture.
  • Data captured by the keylogger can be sent back to the attacker via email, or by uploading the log data to predefined websites, databases or FTP servers. In a large attack, the attacker might remotely log into your machine to retrieve the keystroke logger's data.

    HOW HACKERS USE KEYLOGGERS:-

    Today, spyware such as keystroke loggers is a common part of the cyber criminal's toolkit, used to capture user login credentials such as usernames and passwords, banking details of credit and debit cards, personal information like emails, names, addresses and passwords, or other sensitive business information around processes or intellectual property. They may steal information and use it as part of an attack depending on their motive, or may encrypt your data and demand a ransom.

    They are also used to steal PII (personally identifiable information) and other critical information related to individuals or organizations.

    FEW GOOD USES OF KEYLOGGER:-

    • Parental Control
      Parents can install a software keylogger to monitor their children's activity on the internet, such as their location, browser history and internet access times.
    • Security
      Software/IT companies use it to monitor employees' online keyboard activity. A software keylogger can send the logs to predefined email addresses, which makes it convenient for people to check the monitoring logs. With real-time keylogger activity, employers can spy on their staff's desktops. Keylogger software is smart, powerful and invisible.
    • Spouse Activity tracking
      If you sense things indicating that your spouse is cheating, you can use a keylogger for Android cell phones that will enable you to know what the spouse is up to. In further the computer can also the spouse that you confidential data are spouse are not. This extends to other internet-powered programs, e.g. WhatsApp, the mobile browser search history, etc. In all these cases, Android keylogger apps can help you track your spouse's activity.

    TYPES OF KEYLOGGERS

    Keyloggers are mainly of two types:

    SOFTWARE BASED KEYLOGGER:-

    • Unfortunately, it is very hard to detect. It is normally installed on your system or a hard drive, and is also called spy software.
    • It is usually a software program that is secretly installed on your computer by a hacker. It can be downloaded directly onto the computer (through a phishing attack) or downloaded remotely.
    • Mostly they collect keyboard activity, but they also take screenshots and log the clipboard as well.
    • Less common types of software keylogger include kernel-level ones and those based on JavaScript (attached to websites), APIs (running inside the computer) and web forms (recording any data submitted to web forms).

    HARDWARE BASED KEYLOGGER:-

    • A hardware keylogger is made up of a tiny memory chip inserted in your device, applied via your computer's BIOS or else through a physical device plugged in between your keyboard and computer. The captured information is stored in the tiny memory chip. Other hardware keylogger devices include a pen drive (with a software script), USB cable, CD/DVD drive, charger connector, etc.
    • Detection of a hardware keylogger by anti-spyware is quite impossible. It is therefore difficult for outsiders to identify the existence of a hardware keylogger if they don’t know about it, where it is installed and how it works.
    • But the functionality of a hardware keylogger is limited.

    HYBRIDS AND EXOTIC FORMS OF KEYLOGGERS:

    API-BASED KEYLOGGER:-

    This is the most common kind: keylogging software that uses the keyboard API (short for application programming interface) to record your keystrokes. Whenever you press a key, a notification is sent to the application you are typing in so that the typed character appears on the screen. API-based keyloggers intercept these notifications and capture each of them as an event. The logs are then kept in a file on the system hard drive for easy retrieval by the hacker.

    FORM GRABBING-BASED KEYLOGGER:-

    Form grabbing-based keyloggers mostly collect web browsing data on the submit event. They intercept the submission notification to record what was entered in the form, which includes all details like name, address, email, phone number, login credentials, credit card number, debit card number, etc. This all takes place as you press the “submit” or “enter” button and is completed before your data is submitted to the website.

    KERNEL-BASED KEYLOGGER:-

    As the name suggests, kernel-based keyloggers inhabit the core of your computer's operating system (known as the kernel), which makes them very difficult to detect and remove. They hide themselves inside your operating system and record all your keyboard activity as it passes through the kernel. Because they are difficult to detect, these keyloggers are mostly of the software-based variety. They are distributed in different kinds of malware such as rootkits, malicious software that can bypass the computer kernel and target the hardware.

    ACOUSTIC KEYLOGGER:-

    These keyloggers are complex and very rarely used. They utilize the principles of acoustic cryptanalysis to record your keystrokes on the hardware level. No matter which keyboard you’re using, each key on it has a unique acoustic signature. Those individual signatures can be determined by analyzing a sample through a variety of statistical methods. But here the results may not be as accurate as with other types of keyloggers.

    HOW TO REMOVE A KEYLOGGER:-

    Sometimes a keylogger can be identified and detected by antivirus software, but others, being files of malicious code, can be difficult to detect and isolate on your system. Because software-based keyloggers are designed like legitimate software, attackers are easily able to bypass anti-malware or antivirus programs. Some keyloggers also run at a higher level of privilege than standard cyber security software, which makes them next to impossible to detect and remove.

    If you notice any suspicious activity on your computer, open the Windows Task Manager and check all the active processes. If something looks out of the ordinary, take the necessary steps. You can also check your system firewall for any suspicious activity, such as unusual amounts of incoming/outgoing data.

    Beyond these steps, the best way to stay safe from keylogger attacks is to use a good anti-virus or anti-malware product and to scan your computer system regularly. To ensure that you are protected against the latest threats, you should configure your antivirus program to automatically download virus definition updates. Last but not least, don’t open any link or attachment included in suspicious emails, as it might trigger an invisible download of a keylogger, spyware, adware or any other type of malicious software.

    HOW TO PROTECT YOURSELF FROM KEYLOGGER:-

    1. Disable self-running files on external devices
       Disabling self-running files on externally connected devices such as USBs, and restricting the copying of files to and from external devices to computers, may reduce the possibility of infection.
    2. Have a strong password policy
       The best way for organizations to stay safe is to ensure that their passwords are complex and that two-factor authentication is used, so that it is difficult for a keystroke logger to bypass the password.
    3. Monitor resource allocation, processes and data
       Observing resource allocation and background processes on machines, as well as data being transmitted from the device outside the organization, can help identify if a keylogger is present. Keyloggers usually need root access to the machine.
    4. Always use a virtual keyboard
       While typing your one-time password or any other input, use a virtual keyboard, which is hard for a keystroke logger to capture. This might impact user productivity against all kinds of keystroke monitoring software logger, and eliminate the cause of the problem.
    5. Keep anti-virus and anti-rootkit protection updated
       As keyloggers often arrive through other forms of malware, discovering keylogger malware might be an indicator of a wider attack or infection. If your system is updated, antivirus and anti-rootkit protection will remove known keyloggers and other types of malware.
    6. Use anti-keylogger software
       Anti-keylogger software is designed to encrypt keystrokes as well as scan for and remove known loggers and flag unusual keylogging-like behavior on the machine. Blocking root access for unauthorized applications and blacklisting known spyware applications will also help.
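
The monitoring advice above (check running processes and watch outgoing data) can be applied against the channels the article names for sending captured logs, email and FTP. The following Python is an added example, not code from the original article; the `Flow` record, the process names, the list of expected senders and the byte threshold are assumptions, and the snapshot is constructed sample data.

```python
from dataclasses import dataclass

# Channels the article lists for sending captured logs out: email and FTP.
EXFIL_PORTS = {21: "FTP", 25: "SMTP", 465: "SMTPS", 587: "SMTP submission"}
# Assumption: the programs this site expects to use those channels.
EXPECTED_SENDERS = {"outlook.exe", "thunderbird.exe", "filezilla.exe"}
# Assumption: upload volume per interval treated as unusual for a background process.
BYTES_OUT_LIMIT = 5_000_000


@dataclass
class Flow:
    process: str      # image name of the process that owns the connection
    has_window: bool  # False for a background process with no visible UI
    remote_port: int
    bytes_out: int


def triage(flows):
    """Return {process: [reasons]} for flows that deserve a closer look."""
    findings = {}
    for f in flows:
        name = f.process.lower()
        reasons = []
        # Mail or FTP traffic from a program that is not a known mail/FTP client.
        if f.remote_port in EXFIL_PORTS and name not in EXPECTED_SENDERS:
            reasons.append(f"unexpected {EXFIL_PORTS[f.remote_port]} traffic")
        # Large uploads from something the user never sees on screen.
        if not f.has_window and f.bytes_out > BYTES_OUT_LIMIT:
            reasons.append(f"background upload of {f.bytes_out} bytes")
        if reasons:
            findings.setdefault(f.process, []).extend(reasons)
    return findings


# Constructed sample snapshot (not real telemetry).
SAMPLE = [
    Flow("chrome.exe", True, 443, 12_000_000),
    Flow("outlook.exe", True, 587, 40_000),
    Flow("svch0st.exe", False, 587, 18_000),
    Flow("updhelper.exe", False, 21, 9_500_000),
    Flow("backup.exe", False, 443, 80_000),
]

if __name__ == "__main__":
    for proc, reasons in triage(SAMPLE).items():
        print(f"{proc}: {'; '.join(reasons)}")
```

A flagged process is a lead for the Task Manager and firewall checks described earlier, not proof of a keylogger.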

    About Author :


    Twinkle Patel
    Twinkle Patel is an eloquent public speaker & cyber analyst. She has an excellent grasp of Python programming & networking, and also has good strength in the cyber security domain, which she uses prominently to make people aware of various cyber frauds in her awareness programmes. Currently she's pursuing a Masters in Cyber Security and is an active blogger at CYBER4ALL.
