Glossary

Keylogger: The Invisible Threat

What are keyloggers?
A keylogger is a small, simple application that is typically designed to run “invisibly” on a computer so as to avoid detection by the actual computer user. A keylogger does exactly as its name implies—it logs all keystrokes that are inputted by the user. More sophisticated versions of keyloggers can also capture screen shots and mouse clicks. Keyloggers are typically used by malicious attackers to gain access to passwords, financial information or other sensitive information that they can use for their gain.

How are keyloggers installed on your computer?
Keyloggers can be installed in a variety of ways. The easiest way for someone to install a keylogger is via actual physical access to the computer. For example, it can be installed when the user is not around. Keyloggers can also be installed as part of programs downloaded from the internet. Receiving an email with an attachment from “a known contact” is a common trick used to install keyloggers on the victim’s computers.

But how does the hacker get my info from the keylogger?
There are numerous ways to retrieve the logged info. Most keyloggers have an email feature, which typically mails the logged info at set times (such as once every 24 hours, once a week, etc.). If someone has access to your computer, they can simply use the program to download the text file and email it to themselves. Some sophisticated keyloggers allow users to simply insert a flash drive (formatted with a special code) that instantly downloads the logged information without any other input from the user. Others can use FTP or HTTP to upload the logged info to an FTP database or website. It’s also possible to get the job done with a Wi-Fi connection or via remote login from other computers.

Functions and features of a sophisticated keylogger
All keyloggers, even simple versions, perform one main function—they log all pressed keys. Some additional features in the sophisticated versions include:

  • Screenshots: Screenshots can be set to be taken at random or specific intervals.
  • Password unmasking: Some keyloggers can even capture your password even if it is typed in asterisks.
  • Clipboard snagging: Keyloggers can capture any text, photos or other content that is copied to the clipboard.
  • Activity tracking: Keyloggers can record all activity, including what folders you open, what music or video files you listen to, what websites you visit, instant message and chat conversations, downloads, internet searches, etc.

How to avoid keyloggers
Frequent anti-virus, anti-malware and anti-spyware scans will ensure that computers are free from keyloggers. Being aware of downloading files from untrusted sources will also help keep your system clean. If a computer is found to have a keylogger installed, it should be disconnected form the internet immediately so that no information can be sent remotely from the keylogger to a malicious attacker. Once the keylogger has been eliminated from the system, activities can be resumed as normal, but frequent scans should be scheduled for future safety.