Keyloggers are applications that monitor a user’s keystrokes

Posted: November 24, 2012 in Articles, Glossary

Keyloggers are applications that monitor keyboard keystrokes and send this information to a malicious user.

The data can be sent by e-mail or directly to a server located anywhere on the Internet. This information can then be used to collect email or other details from unsuspecting users, and perhaps even to obtain the source code of programs from vendors.

Spyware refers to computer applications that can cause anything from pop-up ads to more serious violations of system security, including theft, keystroke recording, and changes to the Internet connection.

Spyware generally gets onto a system through shareware that is funded by displaying banners and advertising. Other sources include messaging programs, various peer-to-peer applications, popular download managers, hacker sites, and more. It should be noted that most spyware is directed against the Microsoft Internet Explorer browser. Users of modern alternative web browsers, such as Mozilla Firefox or Apple Safari, are basically never exposed to spyware.

The latest techniques used by spyware do not require any user interaction. Known as “drive-by downloads”, they deliver spyware to the user’s computer without the user’s knowledge, whether when visiting a particular web page, opening a compressed file, or clicking a pop-up window that contains an active element such as ActiveX or Flash. Spyware can even be contained in the drivers for new hardware.


Methods of espionage

The espionage technique is very simple. Depending on the information collected, keyloggers can function in different ways. Some gather information purely for marketing purposes, to explore and analyze user tastes. Others are more dangerous. A keylogger tries to identify the information sent across the network using a unique identifier, such as a cookie, located on the user’s computer, and then sends its logs to a remote user or to a server that collects the information. This information typically includes the host name, IP address, GUID, as well as user names, passwords and other sensitive data.

Types of Computer Spy

Keyloggers are divided into three types:

  • Hardware keyloggers.

These are small embedded devices, located between the keyboard and the computer. Because of their small size, they often go unnoticed for a long time, but they require physical access to the hardware. These devices can record hundreds of characters entered from the keyboard, including postal and bank details.

  • Applications with a hook (interception) mechanism.

This type uses the Windows API function SetWindowsHookEx(), which monitors keystroke messages. Usually the spyware consists of an exe file that installs the hook function and a dll file that handles the recording of information. An application that calls SetWindowsHookEx() can even intercept auto-filled passwords.

  • Kernel-driver keyloggers.

This type of keylogger runs at the kernel level and receives information directly from the input device (usually the keyboard). It replaces the kernel software that interprets keystrokes. It can be programmed to be practically invisible by taking advantage of the fact that it runs at boot time, before any user-level applications start. Because the program runs in the kernel, it cannot intercept auto-filled passwords, since that information is passed at the application level. Removing this kind of spy is usually the most painful.
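For the hook-based type described above (an exe file that installs the hook plus a dll file that does the recording), a defender can triage a folder of binaries by looking for that pairing. The script below is an added example, not code from the original article. It is a heuristic only: hotkey and accessibility tools legitimately import the same APIs, and packed binaries hide their imports. The file names and byte strings are constructed samples.

```python
"""Static triage for the exe + dll hook pattern (a heuristic, not a verdict)."""
import re

# Import names are stored as ASCII in a PE import table, so a byte search finds them.
INSTALL_API = re.compile(rb"SetWindowsHookEx[AW]\b")   # installs a hook
HOOKPROC_API = re.compile(rb"CallNextHookEx\b")        # typically called by a hook procedure


def classify(data: bytes) -> set:
    """Return the hook-related roles suggested by API names inside one file."""
    roles = set()
    if not data.startswith(b"MZ"):      # not a PE image (e.g. a text file): ignore
        return roles
    if INSTALL_API.search(data):
        roles.add("installs-hook")
    if HOOKPROC_API.search(data):
        roles.add("hosts-hook-procedure")
    return roles


def triage(files: dict) -> list:
    """Pair each .exe that installs a hook with .dll files that may host the procedure."""
    roles = {name: classify(blob) for name, blob in files.items()}
    dlls = sorted(n for n, r in roles.items()
                  if n.lower().endswith(".dll") and "hosts-hook-procedure" in r)
    findings = []
    for name in sorted(files):
        if name.lower().endswith(".exe") and "installs-hook" in roles[name]:
            findings.append({"installer": name, "candidate_dlls": dlls})
    return findings


# Constructed sample inputs: tiny byte strings standing in for real files.
SAMPLES = {
    "updater.exe": b"MZ\x90\x00...USER32.dll\x00SetWindowsHookExW\x00LoadLibraryW\x00",
    "helper.dll": b"MZ\x90\x00...USER32.dll\x00CallNextHookEx\x00CreateFileW\x00",
    "notepad.exe": b"MZ\x90\x00...USER32.dll\x00CreateWindowExW\x00",
    "readme.txt": b"SetWindowsHookExW is documented on MSDN",
}

if __name__ == "__main__":
    for finding in triage(SAMPLES):
        print(finding)
```

Anything this flags still needs manual review, for example checking the publisher signature and where the file was installed from.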

Links:

Protection against keyloggers

http://en.wikipedia.org/wiki/Hardware_keylogger
