There are many programs installed on each computer designed to capture and save keystrokes. For example, any word processor such as Microsoft Word. However, what you type on the keyboard can be used against you. In this article we will tell you what a keylogger is and how it is used by cybercriminals for malicious purposes.
What is a keylogger?
A keylogger is a program that collects keystrokes and sends them to a third party for malicious purposes.
The key difference between a keylogger and a legitimate program is that it does not collect keystrokes for your benefit. Recordings of keystrokes are used by an attacker to his advantage.
Within this definition, there are several different types of keyloggers.
“Potentially unwanted” keylogger
A keylogger can be identified as a “PUP” (Potentially unwanted program, potentially unwanted program). Unlike malware that gets on the computer without the user’s knowledge, PUP is installed with the user’s consent. Such programs are often positioned as legal tools for monitoring children or employees, and theoretically have a legitimate application.
However, such keyloggers are also very often used for other purposes. An attacker with access to someone else’s device can install a keylogger without the owner’s knowledge for malicious purposes. This is common in tracking, harassment, blackmail, etc. Therefore, most antiviruses will detect these legitimate keyloggers as PUP.
Advertising keylogger
Such keyloggers collect keystrokes to:
launch targeted ads for you;
create your profile to better understand you as a target for advertising;
better understand your customer base.
Such programs collect browser search history and information about each site visited. Advertising keyloggers often go far beyond the simple registration of keystrokes and collect data such as browser history, browser name, software installed on the computer, user location, etc.
Usually these programs trick the user into installing them using various baits. For example, using the Adobe Flash Player installer is one of the most common, even now, when Flash is no longer relevant. As a rule, keyloggers are distributed in the form of Trojans, i.e. programs that the user fraudulently downloads and launches.
Malicious keyloggers
The most dangerous category of keyloggers. Such programs are designed only to steal your information. Malicious keyloggers are often used to collect confidential information – credentials, credit card numbers, social security numbers, etc.
Malicious keyloggers get on your computer in various ways:
Installing Trojans using bait;
Infecting a device through a browser vulnerability that allows you to execute arbitrary code;
Malware can be installed manually by an attacker who has gained physical or remote access to the machine.
In addition, most malicious spyware is not limited only to intercepting keystrokes and has keylogging capabilities as part of a complete package, which, among other things, includes:
collecting files;
screen capture;
capture video and audio via webcam and microphone;
execution of arbitrary commands.
Therefore, most of these malicious programs are no longer just keyloggers, but full-fledged spyware.
How to protect yourself from keyloggers?
Use antivirus software;
Use a strong password to log in to your computer;
If someone else uses the computer, then create a separate account for him and do not give him administrator rights.;
Be careful with what you download from the internet. Do not download anything from unknown sites;
Keep the system up to date. Install the latest updates regularly.
Following these rules is not a guarantee of security, but it will reduce the chances of infection and make it more difficult for an attacker to install malware on your device.