Security Spotlight: A Closer Look at Malicious Keyloggers

Posted on April 13, 2010. Filed under: Everything Else

Part of iolo’s ongoing series exposing malicious software

Malicious Keyloggers

With iolo’s Security Spotlight series, you can read about the various malicious programs that infect computers, destroy data and steal personal information, and get some valuable pointers on how to protect yourself.

Knowledge is power—knowing more about what the high-tech vandals are up to can give you a powerful defense against their tactics.

This part of the series takes a closer look at a stealthy type of malware often used in financial cybercrimes, keyloggers.

What is a keylogger?

A keylogger, also called a keystroke logger, captures all of the keystrokes you make on your keyboard. A criminal can see your passwords, bank account information, credit card numbers, personal email and instant messaging conversations: anything and everything that you type is covertly captured.

As you type, all of your keystrokes are saved to a small file that is then silently sent to an email address, web site or waiting server. The hacker can then sift through the data, pull out all the private information needed to access your financial accounts and begin the theft.

A little history
Early keyloggers were designed for legitimate monitoring purposes, such as for parents wishing to track their children’s computer activity (and legitimate keyloggers—software that is intentionally and knowingly installed—are still in use today). However, it didn’t take long for criminals to see the potential of this technology; malicious keyloggers first began to appear in the early 1990s.

Keyloggers of today
Today’s malicious files are more and more often being designed with a profit motive, and keyloggers are a perfect example of this growing trend—the creators of modern keyloggers don’t want to destroy data or cause havoc; they just want to steal money.

Some infamous keyloggers

  • From 2005 to 2006, a large criminal ring in Brazil captured people’s bank user IDs and passwords through the use of keyloggers. Before the group of 55 thieves was caught and arrested, an estimated $4.7 million was stolen from 200 different accounts.
  • In 2005, Joe Lopez, the owner of a small computer supply company in Florida, sued his bank after hackers stole $90,000 from his business account through the use of a keylogger. Initially the bank refused to return the stolen money, asserting that the theft was due to a security breach of Lopez’s computer, not the bank’s. The case was eventually settled out of court.

Where do keyloggers come from?

To install keyloggers, cyber criminals typically exploit the tools we use to communicate over the web: email, instant messaging and social networking sites are the most common ways these malicious programs are distributed. The thieves send attachments or links that, if clicked, install the keylogger. Keyloggers are also often hidden inside malicious trojans, and it’s easy to be tricked into installing a trojan because it disguises itself as a program that serves a beneficial purpose.

Another common source of keylogger infections is peer-to-peer (P2P) file-sharing networks. These networks allow users to share their own digital content and download the content of others, but unfortunately hackers often use P2P networks to “share” keyloggers and other malware that appear to be useful but in reality are very dangerous.

What do keyloggers do?

Keyloggers are designed to steal: your login credentials, your personal data, and ultimately your money. Once your name and login information are known, it’s easy for hackers to begin the theft; keylogger-based crimes typically involve setting up wire transfers from people’s bank accounts or making online purchases with stolen credit card numbers.

While other types of malware can waste system resources, conflict with valid programs and generally just slow your PC down, keyloggers are much more stealthy and are designed to hide themselves unobtrusively: you can’t tell when a keylogger is installed. The infiltration may only be discovered when mysterious charges appear on your credit card or your bank account is emptied.

How you can protect yourself

  • Think before you click. Many keyloggers are sent through email, social networking postings and instant messages. And the more sophisticated criminals know better than to use an unknown name—often these malicious messages will arrive under the guise of someone you know. Avoid the temptation to be “click happy”: think before you click and if anything looks a little off, check with your contact to make sure they sent it to you.
  • Be cautious of peer-to-peer sites. There are dozens of file-sharing networks out there that offer free access to files. And every one of them is full of keyloggers, viruses and every other form of malware that exists. Either avoid these sites or use them with caution: you’re not getting something for free if your bank account ends up getting wiped out.
  • Use anti-malware software. Even with the most diligent preventative measures, malware can still find its way onto your computer. Install and run anti-malware software and turn on the program’s “real-time” feature: this will detect and block a keylogger from sending information from your computer.



