Keystroke logging, or keylogging, is the process of recording the different keys that a person touches while typing on a computer keyboard. Malicious third parties may use keyloggers, often downloaded via the Internet without the computer owner’s knowledge, to monitor the online activities of their unsuspecting victims. Keylogger software, although used in some legitimate circumstances with the consent of the authorized account user, is a common component of spyware that cybercriminals use to gather sensitive information that is typed out online. There are a number of steps that can be taken to avoid, detect and remove a keylogger.
What are keyloggers?
A keylogger, whether installed in a covert or overt manner, monitors information that is typed on a computer keyboard and records it for later use. Most keyloggers, whether used by legitimate parties or cybercriminals, are computer programs that gather information from the moment that the machine is turned on until the time that the device is shut down. Hardware keyloggers, although rare, also exist but these devices must be manually installed onto an electronic device without the person who owns the computer noticing. Keyloggers, whether of the software or hardware variety, tend to use the victim’s Internet connection to transfer the stolen information onto another computer.
What are hardware keyloggers?
Most keyloggers are software-based, meaning that they are computer programs that run off of hardware, while others are hardware-based devices that are attached to the machine via a connection port. Hardware keyloggers, often installed on a flash-drive and connected to a computer via a USB port, record everything that is typed on the keyboard and save the information to their internal memory. Firmware keyloggers are created by reprogramming the computer’s BIOS, keyboard overlays collect keystroke information when they are placed over the real keyboard while wireless keylogger sniffers intercept data sent from wireless keyboards.
How do keyloggers infect computers?
Keyloggers, like most forms of spyware, are downloaded by accident or installed on a computer by hackers who have exploited a security weakness. This form of spyware, that is a type of computer program which gathers information by covert means, can be used to steal passwords and bank details. A common route of infection is via a Trojan horse, named after the wooden horse that was used at the Siege of Troy, which includes a keylogger in its payload of malicious software. Trojan horses are a type of malware, disguised as harmless software, that use subterfuge to infect a computer with viruses and spyware that can damage the machine or harvest sensitive information.
Detecting a keylogger
Conventional anti-malware products, developed by cybersecurity experts who are engaged in a virtual arms-race with cybercriminals who create malicious computer programs, may be incapable of detecting a keylogger that has infected a computer. Those using Microsoft operating systems, which tend to be the most vulnerable to security threats, should check the Startup menu to determine whether or not any unusual programs have been running since the computer was booted. Inspecting background processes, via Task Manager, may also help to identify any suspicious software that has appeared on the device. Keyloggers, once detected, should be removed from the infected computer.
Removing a keylogger
It is possible to remove keyloggers, which may be avoided by steering clear of suspicious websites or by refusing to download files from unverified sources, with specialist anti-malware software that can eliminate spyware and viruses that operate under the radar. Keyloggers are often delivered via rootkits and Bitdefender Rootkit Remover, Kaspersky Security Scan as well as Sophos Rootkit Removal are excellent examples of anti-malware products that can detect and remove keyloggers from compromised electronic devices.
