Today, with the advent of programs called keyloggers, hacking an account is a cakewalk. It doesn’t matter whether or not you have physical access to the victim’s computer. Using a keylogger is the easiest way to hack an account: anyone with basic computer knowledge can use one, and within a few hours you can hack any account.
What is a keylogger?
A keylogger, also known as a keystroke logger or system monitor, is a hardware device or small program that monitors each keystroke a user types on a specific computer’s keyboard. A keylogger is the easiest way to hack an account if you have physical access to the victim’s computer.
Keyloggers can be divided into two categories, keylogging devices and keylogging software. Keyloggers which fall into the first category are usually small devices that can be fixed to the keyboard or placed within a cable or the computer itself. The keylogging software category is made up of dedicated programs designed to track and log keystrokes.
A keylogger is a hardware product or software utility that records every keystroke typed on the computer. It may simply log the keystrokes and require someone to manually retrieve the data, or it could be designed to automatically send the accumulated keylogger data to an e-mail address.
Hardware keystroke loggers are usually a device of some sort that is plugged in between the computer and the keyboard. An observant or suspicious user will be able to visually inspect and find a keylogger such as this. However, some hardware-based keyloggers are stealthy and may be built into the keyboard itself to remain undetected.
A software keylogger normally consists of two files: a DLL, which does all the work, and an EXE, which loads the DLL. Simple ones are often invoked at boot via a registry entry. Stealthier versions are invisible in the process list, can operate at the kernel level, and leave invisible registry entries.
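A check for the simplest case described above, a loader started at boot through a registry entry, as an added example that is not from the original article: it parses autorun entries in the layout printed by `reg query` and flags those that start from user-writable directories or load a DLL through a host process. The sample entries, the two heuristics and the function names are assumptions made for illustration; stealthier keyloggers that hide their registry entries will not show up in this kind of listing.

```python
import re

# Constructed sample in the layout printed by `reg query <key>` (not real output).
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    TrayHelper    REG_EXPAND_SZ    %windir%\system32\trayhelper.exe
    Updater    REG_SZ    "C:\Users\alice\AppData\Roaming\upd\loader.exe" /s
    HelperSvc    REG_SZ    rundll32.exe C:\ProgramData\hlp\kbhook.dll,Start
    Backup    REG_SZ    "C:\Program Files\Backup\backup.exe" --tray
"""

# One value line: indented name, four spaces, type, four spaces, data.
ENTRY = re.compile(r"^\s+(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$")
# Assumed heuristic: directories a standard user can write to without elevation.
USER_WRITABLE = re.compile(r"\\(appdata|temp|programdata|users\\public)\\", re.I)
# Assumed heuristic: a generic host process used to load a DLL at logon.
DLL_LOADER = re.compile(r"\b(rundll32|regsvr32)(\.exe)?\b.*\.dll", re.I)


def parse_run_key(text):
    """Yield (key, value_name, command) for each value under each key."""
    key = None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
        elif key and (m := ENTRY.match(line)):
            yield key, m["name"], m["data"]


def audit(text):
    """Return {value_name: [reasons]} for autorun entries worth a closer look."""
    findings = {}
    for _key, name, command in parse_run_key(text):
        reasons = []
        if USER_WRITABLE.search(command):
            reasons.append("runs from a user-writable directory")
        if DLL_LOADER.search(command):
            reasons.append("loads a DLL through a host process")
        if reasons:
            findings[name] = reasons
    return findings


if __name__ == "__main__":
    for name, reasons in audit(SAMPLE).items():
        print(f"{name}: {'; '.join(reasons)}")
```

A flagged entry is a lead for review rather than proof of a keylogger, since legitimate software also starts from per-user directories.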
The problem with keyloggers in a small business setting is the amount of data they will be able to access about your business and your clients. However, keyloggers have been used by some businesses in the past to monitor their employees, tracking what they are doing on the computer and whether any work is being done while they are at their desk.
2 categories of hardware-based keyloggers
Firmware-based: Physical and/or admin-level access to the computer is necessary, and the application loaded into the computer’s BIOS must be made for the particular hardware that it will be running on. BIOS-level firmware that manages keyboard actions can be modified to capture these events as they are processed.
Keyboard hardware: These keyloggers capture keyboard events by way of a hardware circuit that is attached somewhere between the keyboard and the computer, typically in line with the keyboard’s cable connector. The circuit logs all keyboard events to its own internal memory, which can be accessed later. It is harder to detect because it can be installed or built into standard keyboards, making it invisible to the user. The main advantage over a software keylogger is that it does not depend on being installed on the computer’s operating system; as a result it will not interfere with any applications running on the target computer and it cannot be detected by any anti-keylogger software.
5 categories of software-based keyloggers
Hypervisor-based: This type of keylogger resides in a malware hypervisor running underneath the operating system, which remains untouched. It effectively becomes a virtual machine. Blue Pill is an example.
Kernel-based: This type is difficult both to write and to combat. Such keyloggers reside at the kernel level and are very hard to detect, particularly for user-mode programs. They are often implemented as rootkits that subvert the operating system kernel and gain unauthorized access to the hardware, making them very powerful. Such a keylogger can act as a keyboard driver, for instance, and thus gain access to any information typed on the keyboard.
API-based: These keyloggers hook keyboard APIs; the operating system then informs the keylogger each time a key is pressed, and the keylogger simply records it. They are the easiest to create, but where regular polling of each key is necessary they can cause a noticeable increase in CPU usage and can also miss the occasional key.
Form grabber-based: This type of keylogger records web form data before it is submitted over the internet, and so bypasses HTTPS encryption. It logs web form inputs by recording the browser’s onSubmit event functions.
Packet analyzers: This approach entails recording network traffic associated with HTTP POST events to collect unencrypted passwords.
What does a keylogger do?
Logs each keystroke a user types on a computer’s keyboard
Takes screenshots of user activity at predetermined time intervals or when a user types a character or clicks a mouse button.
Tracks user activity by logging window titles, names of launched applications, exact time of certain event occurrence and other specific information
Monitors online activity by recording addresses of visited websites, taken actions, entered keywords and other similar data
Records login names, details of various accounts, credit card numbers and passwords including those hidden by asterisks or blank space
Captures online chat conversations held in popular chat programs or instant messengers
Makes unauthorized copies of outgoing and incoming e-mail messages
Saves all collected information into a file on a hard disk, and then silently sends this file to a configurable e-mail address, uploads it to a predefined FTP server, or transfers it through a background Internet connection to a remote host. Gathered data can be encrypted.
Complicates its detection and removal by hiding active processes and concealing installed files. The uninstaller, if it exists, usually refuses to work if a user cannot specify a password.
How do keyloggers spread?
Keyloggers spread in much the same way that other malicious programs spread. Keyloggers are mostly spread using the following methods:
A keylogger can be installed when a user opens a file attached to an email;
It can also be installed when a file is launched from an open-access directory on a P2P network;
It can be installed via a web page script which exploits a browser’s vulnerability. The program will automatically be launched when a user visits an infected site;
It can be installed by another malicious program already present on the victim machine, if the program is capable of downloading and installing other malware to the system.
How to protect a computer system from being infected with a keylogger?
Here are a few tips and countermeasures that will help you prevent keyloggers from infecting your computers:
Installing the best professional firewall or network monitoring software.
Installing a professional antivirus program that adequately prevents access to viruses and Trojans.
Selecting new passwords for online accounts and changing these passwords on a frequent basis.
Installing software to properly block spam from your email account.
Resisting the temptation to open junk emails.
Resisting the temptation to click attachments in emails, regardless of how intriguing the subject heading may be.
Using a pop-up blocker to block pop-ups on your system.
Continually using software that scans and monitors any changes to your system or network.
Consider using anti-keylogging software.
Rebooting the computer using a Live CD/USB
Having anti-spyware software installed on your computer. Such software can detect keyloggers and quarantine or disable them, and some can even clean them.
Using an automatic form-filler application removes the need for the user to type personal details, credit card numbers and passwords on the keyboard.
Using security tokens or one-time passwords (OTP) prevents replay attacks, in which a hacker uses old account information to impersonate the user or enter the system.
Using an on-screen keyboard and speech recognition.
Appropriate usage of keyloggers
Developers and vendors offer a long list of cases in which it would be legal and appropriate to use keyloggers, including:
Parental control: parents can track what their children do on the Internet, and can opt to be notified if there are any attempts to access websites containing adult or otherwise inappropriate content;
Jealous spouses or partners can use a keylogger to track the actions of their better half on the Internet if they suspect them of “virtual cheating”;
Company security: tracking the use of computer for non-work-related purposes, or the use of workstations after hours;
Company security: using keyloggers to track the input of keywords and phrases associated with commercial information which could damage the company (materially or otherwise) if disclosed;
Other security (e.g. law enforcement): using keylogger records to analyze and track incidents linked to the use of personal computers.
However, the justifications listed above are more subjective than objective; the situations can all be resolved using other methods. Additionally, any legitimate keylogging program can still be used with malicious or criminal intent. Today, keyloggers are mainly used to steal user data relating to various online payment systems, and virus writers are constantly writing new keylogger Trojans for this very purpose.
Furthermore, many keyloggers hide themselves in the system (i.e. they have rootkit functionality), which makes them fully-fledged Trojan programs.