How to spot a keylogger

image

NAME: Keylogger

DEFINITION: Spyware device or program that records the keystrokes on a computer and saves them remotely or to a log file within the device

NATURE: Legal

TYPES

Software: ‘virtual’ program that intercepts keyboard strokes within an OS and stores them remotely

Hardware: physical device that intercepts keyboard strokes and saves them to a log file within it.

TRANSMISSION MODE

Software keylogger
1) Suspicious email attachments
2) Unsecure websites
3) Unsecure downloads
4) Manual installation

Hardware keylogger
1) Manual implantation

HOW IT WORKS

image

Software keylogger
Upon installation, it runs hidden process that records every keystroke of the keyboard and sends the log file containing the information to a location set by the attacker.

Some keyloggers may also discreetly take screenshots of the desktop and every site visited or may also activate your web camera.

Hardware keylogger

image

 

Image source: ghacks.net

Upon implantation, it records every keystroke and saves them to a log file within the device.
The attacker may retrieve the information either through a network connection, bluetooth or manually by dislodging the keylogger.

DETECTION
image

Software keylogger
1) Run an updated antivirus/anti-keylogger
2) Check for anything that looks out of place within your computer eg a newly created folder or driver

Hardware Keylogger
1) Physical check up of your computer’s hardware for any suspicious device lodged between the keyboard and computer

ELIMINATION
image

Software keylogger
1) Scan computer with an updated antivirus or anti-keylogger program
2) Format your harddrive (NOTE: this option will delete all your files)

 

Hardware keylogger
1) Replace or remove hardware component

 

PREVENTION
image

Software keylogger
1) Use a virtual keyboard
2) Avoid opening suspicious email attachments from suspicious sources no matter how enticing they may be
3) Avoid unsecure (free) wifi spots
4) Scan computer regularly with updated antivirus or anti keylogger programs
5) Use automatic form fillers to avoid physical typing
6) Master keystroke sequences of various keyloggers
7) Avoid lending out your computer’s administrator privileges
8) Avoid free downloads from unsecure sites
9) Use security browser add ons to verify the riskiness level of a website
10) Encrypt your data
11) Minimize accessing password related sites via unsecure networks

Hardware keyloggers
1) Use a virtual keylogger
2) Use automatic form fillers to avoid physical tying
3) Check for any suspicious devices connected between the keyboard and computer

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s