Keystroke Logger Definition
What Is a Keystroke Logger?
A keystroke logger, often shortened to keylogger, is a piece of software or hardware that can record the keys struck on a keyboard and send the data to a remote controller (hacker), usually secretly. As a result, people using the keyboard don’t know that their actions on their computers are being monitored.
What is a Keylogger?
A keylogger is a software program or a hardware device that records or transmits a computer user’s keystrokes or periodic screenshots. In most situations, it is installed without the knowledge of the users.
While keystroke logger apps are legal in themselves, for example by allowing employers to monitor the use of their computers, keyloggers are also used to steal passwords, account names, and many other kinds of confidential data.
The action of recording or monitoring the keys struck on a keyboard is called keystroke logging, keylogging, or keyboard capturing. Besides keystroke logging, keylogger software may also monitor user information in the following ways.
- Clipboard logging: Capture everything copied to the clipboard.
- Control-text capture: Programmatically capture the text held in a control, which can expose some passwords.
- Recording of all programs, folders, and windows opened including a screenshot of every website viewed.
- Recording of search engine queries, instant messenger conversations, FTP downloads, and other Internet-based activities, including bandwidth used.
- Screen logging: Take screenshots to capture graphics-based info.
Types of Keystroke Loggers
As mentioned above, there are two main groups of keyloggers, software and hardware, and there are many types of keystroke loggers in each group.
Keyloggers Based on Software
- API-based keystroke loggers: They hook keyboard APIs, such as GetAsyncKeyState() and GetForegroundWindow(), inside a running program and intercept keystrokes as if they were a normal part of the program rather than malware.
- Form-grabbing-based keyloggers: They log web form submissions by recording the form data on submit events.
- Hypervisor-based keystroke loggers: Theoretically, they can reside in a malware hypervisor running underneath the operating system, which itself remains untouched, as with Blue Pill.
- JavaScript-based keyloggers: A malicious script tag is injected into a targeted webpage and registers handlers for key events, onKeyUp() for example.
- Kernel-based keystroke loggers: They get root access to hide in the system and record keystrokes that pass through the kernel.
- Memory-injection-based keyloggers: Memory-injection (MitB, man-in-the-browser) keyloggers carry out their recording by altering the memory tables associated with the browser or other system functions.
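A defender-side check for the form-grabbing and JavaScript-based types listed above, as an added example that is not part of the original page: it audits a page's HTML for scripts loaded from hosts outside an allowlist and for key or submit event handlers. The class name, the allowlist host and the sample page are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

KEY_ATTRS = {"onkeyup", "onkeydown", "onkeypress", "onsubmit"}
KEY_EVENTS = ("keyup", "keydown", "keypress", "submit")

class KeyCaptureAudit(HTMLParser):
    """Flags off-allowlist scripts and key/submit handlers for manual review."""
    def __init__(self, allowed_hosts):
        super().__init__()
        self.allowed = set(allowed_hosts)
        self.findings = []
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "script":
            self._in_script = True
            src = attrs.get("src")
            host = urlparse(src).hostname if src else None  # None = same origin
            if host and host not in self.allowed:
                self.findings.append(("external-script", src))
        # Inline handler attributes such as onkeyup="..." on any element.
        for name in sorted(KEY_ATTRS & attrs.keys()):
            self.findings.append(("inline-handler", f"<{tag} {name}>"))

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        # Inline script bodies: look for listeners registered on key/submit events.
        low = data.lower()
        if self._in_script and "addeventlistener" in low:
            for ev in KEY_EVENTS:
                if f'"{ev}"' in low or f"'{ev}'" in low:
                    self.findings.append(("script-listener", ev))

def audit(html, allowed_hosts=()):
    parser = KeyCaptureAudit(allowed_hosts)
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample page (not from the original article).
SAMPLE = """<form action="/login" method="post">
<input name="user"><input type="password" name="pw" onkeyup="h(event)">
</form>
<script src="/static/app.js"></script>
<script src="https://cdn.unknown.example/a.js"></script>
<script>document.addEventListener("keydown", handler);</script>"""
```

Legitimate pages also register key handlers, so each finding is a lead for review against the site's expected scripts, not a verdict.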
Keyloggers Based on Hardware
- Acoustic keyloggers: Acoustic cryptanalysis can be used to record the sounds created by people hitting the keyboard, because each key on the keyboard makes a subtly different acoustic signature when struck.
- Body keystroke loggers: They track and analyze the body movements of a user to determine which keys have been pressed on a keyboard.
- Electromagnetic emissions: A wired keyboard’s electromagnetic emissions, which can be captured from up to 20 meters away without being physically wired to it, can be used to reconstruct the keystrokes.
- Firmware-based keyloggers: BIOS-level firmware that controls keyboard activities can be modified to monitor those activities.
- Keyboard hardware: Hardware keystroke loggers are used to record keystrokes using a circuit that is attached somewhere between the keyboard and the computer, typically in line with the keyboard’s cable connector.
- Keyboard overlays: They are designed to look like an integrated part of machines and are placed over the normal keypads to register keypresses.
- Optical surveillance: Optical surveillance can also be used to record the keys struck on a keyboard.
- Smartphone sensors: Researchers have demonstrated that it is possible to capture the keypresses of nearby computer keyboards relying on only the commodity accelerometer found in cell phones.
- Wireless keyboard and mouse sniffers: These passive sniffers collect packets of data being transferred between a wireless keyboard and its receiver.
Keylogger Removal
Though it is difficult to detect and remove keystroke loggers because they adopt various technologies, it is still possible to remove certain types of keyloggers with specific countermeasures.
1. Anti-keyloggers – An anti-keylogger is a kind of software that is designed to detect keystroke loggers on a computer.
2. Anti-spyware/Anti-virus Programs – Many security tools can detect some software-based keyloggers and quarantine, disable, or remove them.
3. Automatic Form Filler Software – It may prevent keystroke logging by removing the requirement for a user to type personal details and passwords on the keyboard.
4. Deceptive Typing – Alternating between typing the login credentials and typing characters somewhere else in the focus window can lead a keylogger to record more info than it is supposed to, thus preventing it from getting your personal data.
5. Handwriting Recognition and Mouse Gestures – Many PDAs and, lately, tablet PCs can convert pen (stylus) movements on their touchscreens to computer-understandable text. Mouse gestures use the same principle with mouse movements instead of a stylus, which avoids using the keyboard and so avoids data theft by keyloggers.
6. Keystroke Interference Apps – They attempt to trick keyloggers by introducing random keystrokes.
7. Live CD/USB – Rebooting the computer using a live CD or write-protected live USB may disable keystroke loggers if the CD/USB is clean of malware. Yet, this is unworkable for hardware or BIOS-based keyloggers.
8. Macro Expanders/Recorders – With the help of many programs, seemingly meaningless text can be expanded into meaningful text, most of the time context-sensitively.
9. Network Monitors – Network monitors, also called reverse firewalls, can be used to alert the user whenever an application attempts to make a network connection.
10. On-screen Keyboards – Most on-screen keyboards fight against keyloggers by not involving keystrokes. Yet, they are vulnerable to software-based keyloggers that capture screenshots.
11. One-time Passwords (OTP) – Relying on one-time passwords may prevent unauthorized access to an account even if keystroke loggers have exposed its login details.
12. Security Tokens – To access security token-protected info, you need both the security token (hardware) and the appropriate password. This makes it harder for keyloggers to reach such data.
13. Speech Recognition – Similar to on-screen keyboards, speech-to-text conversion programs can be used against keystroke loggers because there are no typing or mouse movements involved.
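Why item 11 works, shown as an added example that is not part of the original page: a time-based one-time password (RFC 6238, HMAC-SHA1) that a keylogger records is rejected when it is submitted again. The `OtpVerifier` class is hypothetical, and the secret is the published RFC 6238 test secret, used here only as sample input.

```python
import hashlib
import hmac
import struct

SECRET = b"12345678901234567890"  # RFC 6238 test secret (sample value only)

def totp(secret: bytes, now: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP (RFC 4226) over the current time-step counter."""
    counter = struct.pack(">Q", now // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

class OtpVerifier:
    """Server side: accepts each time step at most once (hypothetical name)."""
    def __init__(self, secret: bytes, step: int = 30):
        self.secret, self.step = secret, step
        self.last_counter = -1                   # highest step already accepted

    def verify(self, code: str, now: int) -> bool:
        counter = now // self.step
        if counter <= self.last_counter:
            return False                         # code for a step already used
        if not hmac.compare_digest(code, totp(self.secret, now, self.step)):
            return False                         # wrong or expired code
        self.last_counter = counter
        return True

def replay_demo():
    """The user logs in at t=59; the logged code is then submitted twice more."""
    server = OtpVerifier(SECRET)
    logged = totp(SECRET, 59)                    # what a keylogger would record
    first = server.verify(logged, 59)            # the user's own login
    same_step = server.verify(logged, 59)        # replay inside the same 30 s
    later = server.verify(logged, 1111111109)    # replay at a later time
    return logged, first, same_step, later
```

The static password typed alongside the code is still exposed to the keylogger; only the one-time part loses its value after use.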