December 31, 2010

Key Loggers

In general keystroke loggers is the action of tracking the keys that are typed on a keyboard without letting the user know that their actions are being monitored. In its simplest form, a keylogger trojan is malicious, surreptitious software that monitors your keystrokes, logging them to a file and sending them off to remote attackers. They can be classified as Software key loggers and Hardware key loggers.  


Software Keyloggers reside inside the operating systems and it becomes a Virtual machine to read or write even at the kernel level which is very difficult to detect. They are frequently implemented as rootkits that subvert the operating system kernel and gain unauthorized access to the hardware, making them very powerful. A keylogger using this method can act as a keyboard driver for example, and thus gain access to any information typed on the keyboard as it goes to the operating system.
 Software keyloggers will use the following logging techniques: 

  • Clipboard logging
  • Screen logging
  • Logging the text when using or writing a program 
  • Recording the search engines, Instant messenger conversations, file downloads
  • Even Sound and Pictures are also logged or captured in advanced keyloggers. 
Hardware Keyloggers:

Keyboard loggers, Firmware keyloggers has some circuit attached in between the computer and the keyboard inline with the cable connector. Both types log all keyboard activity to their internal memory, which can be subsequently accessed. They are not dependent on being installed on the target computer's operating system and therefore will not interfere with any program running on the target machine or be detected by any software. With the improvement in technology they have been developed in to a level where they can even log the sound and video. Some of them are Key board overlays, Acoustic Key loggers, Wireless keyboard sniffers, Electromagnetic emissions.   


Key loggers may record all keystrokes, or they may be sophisticated enough to monitor for specific activity - like opening a web browser pointing to your online banking site. When the desired behavior is observed, the key logger goes into record mode, capturing your login user name and password.Key loggers and other forms of remote-access trojans tend to be the most determined malware, taking extra steps to stealth its presence, including through the use of rootkits.

Prevention is the best policy to avoid  key loggers and also there are many measures that we need to taketo prevent them. Also there are counter measures that can prevent the key logging techniques: 
  • Live CD/USB can be used as a counter measure against software key loggers and we have to make sure that the CD is free from malware and operating system is fully patched.
  • Use a good Anti-Virus program that has the option to prevent key loggers. 
  • Automatic form filler programs
  • One-time passwords (OTP)
  • On-screen keyboards are the best way to prevent key loggers 


0 comments:

Post a Comment

Related Posts Plugin for WordPress, Blogger...

Search This Blog

Followers

Categories

Twitter Delicious Facebook Digg Stumbleupon Favorites More