What is a keylogger?

Keyloggers are a type of malware that can monitor your online behaviour. The monitoring is done through your keystrokes.

16-05-2022 - 5 minute read. Posted in: malware.

What is a keylogger?

Keyloggers are a type of malware that can monitor your online behaviour. The monitoring is done through your keystrokes.

Keystroke logging or keyloggers

Keyloggers are in the malware family, like viruses, trojans, adware and spyware. A keylogger is hardware or software that records all input from a computer's keyboard. It is used to monitor the user whose computer is infected with the keylogger.

The term "a keylogger" is divided into two definitions:

  • Keyboard logging: The recording of every keystroke on a keyboard.
  • Keylogger tools: Devices or programs used to log (record) keystrokes.

Keyloggers are used in everything from Microsoft products and parental controls, to your own employer's computers and servers. Unfortunately, keyloggers are also used by hackers to monitor unsuspecting individuals and steal their personal information or sensitive data.

How keyloggers steal your data

Keylogging is the act of tracking and recording every keystroke typed on a computer, perhaps without the user's permission or knowledge. A "keystroke" is any interaction you make with a button on your keyboard.

Each keystroke sends a signal that tells computer programs what to do.

Keylogger tools can be either hardware or software designed to automate the process of keystroke logging. These tools record the data sent by each keystroke in a text file.

All files containing information from keystrokes can be stored on the victim's computer or automatically sent to a predefined email address. It is this text file that a third party can read. In illegal contexts, it is the cyber criminals who read the text files and use the information for malicious purposes.

Some tools can monitor just about anything, from elements of your clipboard, GPS data, passwords and email addresses to bank details, credit card numbers and even microphone or camera recordings.

Software keyloggers vs. hardware keyloggers

Software keyloggers

Software keyloggers are computer programs or services that are installed on your device's hard drive. Common keylogger software types are:

  • API-based keylogger: This keylogger directly captures the signals sent from each keystroke to the application you are typing in.

Application programming interfaces (APIs) allow software developers and hardware manufacturers to speak the same "language" and interact with each other. API keyloggers take advantage of APIs and record each keystroke in a system file.

  • "Form grabbing"-based keylogger: It records all text entered into login forms on websites after you submit them to the server. Data is recorded locally before being transferred online to the web server.
  • "Kernel-based" keylogger: It works into the operating system kernel to obtain permissions at the administrator level. These keyloggers can gain unrestricted access to anything entered into your system.

Hardware keyloggers

A hardware keylogger is a physical component that is built into or connected to your device. The most common types of hardware keyloggers plug into your computer's keyboard port, which connects to the keyboard cable. These include:

  • Keyboard keylogger: It can be located in the same place as your keyboard's connection cable or built into the keyboard itself. This is the most direct form of monitoring and recording your typing on the computer.
  • Concealed camera keylogger: It can be placed in public spaces like libraries to visually track keystrokes.
  • USB disk-loaded keylogger: It can be in the form of a Trojan horse that installs keylogger malware when the USB is connected to your device.

Consequences of stolen information

The consequence of a keylogger is that it records and stores sensitive information in files before they can be encrypted in hashes on the Internet.

What happens is that a website, such as a social media site or an online bank, stores your private information in hashes, which are encrypted versions of your information. So websites only have encrypted versions of your information and not the readable information.

But if your computer has been infected with a keylogger, hackers can bypass this security measure. When you type in a username and password, the keylogger records these keystrokes before they reach the encryption stage.

Your stolen information can be used by cyber criminals to steal money or possibly commit identity theft. The more information they can collect, the more likely you are to lose all rights over your information.

Update your devices regularly

The best defence against a keylogger is to prevent it from finding its way onto your computer. Keyloggers find their way to your device like any other form of malicious malware. This often happens through security holes in your computer's software. The best way to protect yourself is by keeping your computer constantly updated with the latest security software.

Software updates often include new features that fix vulnerabilities in old software versions. Updating your computer regularly will reduce the risk of keyloggers as well as other forms of malware.

Use a reliable antivirus program

One of the best ways to protect yourself from keyloggers is to use a good antivirus program. Keyloggers and other malware often reside on fake websites or in phishing links. If you download a malware-infected program or click on a link in a phishing email, an antivirus program may detect that malware has entered your computer.

Some types of malware are very difficult for antivirus software to detect, but you can significantly increase your protection by installing antivirus and anti-malware software.

Use a password manager

The whole point of a keylogger is keying. A keylogger can only log and steal data from you when you enter things on your computer. Therefore, good protection can be achieved by using a password manager.

Password managers automatically store your login details, including password and username, and automatically fill in this information when you want to log in to an account. You do not enter the personal information yourself and it cannot be monitored.

Author Sofie Meyer

About the author

Sofie Meyer is a copywriter and phishing aficionado here at Moxso. She has a master´s degree in Danish and a great interest in cybercrime, which resulted in a master thesis project on phishing.

Similar posts