Keyloggers

Keyloggers Directory

A keylogger identifies the application that you use, the website you typed into the browser, and the user name and password used to access your bank account. The information is usually stored in a hidden file on your computer.


Keyloggers: Stealing Your Password One Keystroke at a Time

Keyloggers are malicious programs that run in the background of your computer. They log each keystroke and store the values in a file. The file is then sent to a hacker’s server where they can read the program you were using, the words and phrases you typed, and any websites you browsed. Keyloggers are the main programs used to steal user names and passwords and gain access to personal website information on the Internet.


Spying Icon

A Brief History of Keyloggers

Keyloggers were originally created to monitor child activity on the Internet. Parents would install a keylogger to review their child’s activity including IM conversations or websites browsed. The intention was originally harmless and protected children, but malware creators spun the intention into something more malicious.

Keyloggers morphed into password-stealing viruses that ran in the background of a computer. The user was never able to detect the program, because it ran silently with no indication of malware. Some keyloggers were even so well created that they didn’t show in the Services section of the Windows Control Panel. This means that even a user who believed that something was wrong wouldn’t be able to detect the keylogger by browsing computer resources.

With access to keystrokers, hackers then began to use them to gain access to bank accounts, email, or any numerous websites that require a user name and password. Even if users used an encrypted address or took all the necessary precautions while online, the keylogger left them vulnerable. The result was numerous victims had credit card numbers stolen and bank account money withdrawn.


Money Icon

What Do Keyloggers Do?

Think about how you navigate the web when you want to access a bank account. First, you open a browser. Then, you type the website address for your bank into the browser. When the bank page opens, you type a user name and password into the website to open your bank account.

With the above example, a keylogger identifies the application that you use, the website you typed into the browser, and the user name and password used to access your bank account. The information is usually stored in a hidden file on your computer. This file continues to store keystrokes and applications in the file until a certain amount of time passes. Once enough time passes, the file is automatically uploaded to a web server on the Internet. This web server is usually an FTP server, which is a file server that hosts files where users can share and download them. The FTP server is under the hacker’s control, so he checks the FTP server each day for updated data from the keylogger.

The result is that your data is completely exposed. If the FTP server isn’t secure or the server itself gets hacked, your information is leaded to even more malicious hackers on the web. Usually, the hacker has keyloggers installed on numerous computers, so several files are gathered. The information is either used to steal money from the user, or the hacker can sell the content on the black market for a large sum of money.

More recently, keyloggers have been used to gain access to websites. The attacker steals the website’s hosting credentials or registrar information. When the attacker gets access to the website, he is able to add his own content, forward visitors to his own site, or just delete important web files. If the hacker is able to access the registrar, he can forward the domain to his own account. Both instances are extremely frustrating and devastating to a webmaster that runs a successful website.


How to Avoid Keyloggers

Keyloggers are installed using a hacking method called a “drive by.” They usually take advantage of users who don’t know enough to block Java from running on the browser. When you access a web page that runs a Java applet, the browser displays a warning message that says the page wants to run Java. Users click “OK” to allow the Java applet to run, and instead of displaying something useful, a keylogger is installed on the computer. This is the essence of a Java drive by.

The first step to avoid this type of malware installation is to avoid websites that host malware, but you can’t always avoid websites when you’re researching. However, your browser has security settings that you can use to always display a popup whenever a web page wants to run Java on your computer. Unless you know the website, always choose to block web pages using Java. It used to be that Java was a common way to run applets on a website, but it’s no longer the de facto for animations and interactive content.

With HTML5, Java is no longer needed, so you can safely avoid all Java applets without missing important web page content.

It goes without saying that you need a good antivirus if you browse questionable parts of the web. Any popups from the browser should be used as a way to block malicious content.

Another common way hackers gain access to install a keylogger is to send an email to several recipients with a link to a website that hosts the malicious content. The email could even use logos from common, trusted websites such as PayPal, Ebay or Google. Instead of clicking a link in an email, type the website directly in the browser.


Removing Keyloggers

Because keyloggers are silent background programs running on a computer, most users don’t know that they have malware installed until it’s too late. The most common symptom is someone accessing your private accounts such as a bank account, credit card account, email, or even a common shopping website.

At first, the victim doesn’t understand how the hacker was able to access private information. If this happens, the first thing to do is install the latest definition files for your antivirus software. These definition files contain the latest threats, which likely include the keylogger. After the definition files are installed, run a full scan on the computer to remove the malware.

© Solvusoft Corporation 2011-2023. All Rights Reserved.