Keyloggers and Spyware

KEYLOGGER

keylogger.png



A keylogger is a software that has the capability to record every keystroke you make to a log file, usually encrypted. A keylogger recorder can record instant messages, e-mail, and any information you type at any time using your keyboard. The log file created by the keylogger can then be sent to a specified receiver. Some keylogger programs will also record any e-mail addresses you use and Web site URLs you visit.

TYPES OF KEYLOGGER



There are two types of keyloggers available:


SOFTWARE BASED - A software keylogger is a software made up of dedicated programs designed to track and log keystrokes that needs to be installed on the computer.
HARDWARE BASED - A Hardware keyloggers comes in USB models. Hardware keyloggers commonly have storage capacity ranging from 64KB to 4MB



WORKING

1. Working of Hardware Keylogger

using_keylogger2.gif





Unlike the software keylogger, a hardware keylogger do not depend on any of the software program for its operation as they function at the hardware level itself. A hardware keylogger acts as an interface between the computer and the computer’s keyboard. The device has a built-in memory in which all the recorded keystrokes are stored. They are designed to work with PS/2 keyboards, and more recently with USB keyboards.


2. Working of Software Keylogger


Once the keylogger is installed on a PC, it starts operating in the background (stealth mode) and captures every keystroke of the target computer.


ADVANTAGE


1. Hardware Keyloggers


  • Hardware keyloggers are easy to install and uninstall.
  • Since it operates at the hardware level itself, it is fully compatible with all the operating systems like Windows and UNIX.
  • Unlike a software keylogger, it cannot be detected by anti-spywares and anti-keyloggers.
  • Hardware keyloggers are also known to come in the form of a spy keyboard where the keylogger unit is built into the keyboard itself. This will eliminate the need to install a separate device between the keyboard and the computer.

2. Software Keyloggers


There are lots of advantages of installing tis software program. They're as follows:
• You can monitor the websites that the person visits. You can also view all the talks on the social media websites contributing to the trade associated with e-mails. You may also expose the actual passwords as well as be aware of details of the online buying.
• The software automatically information all the keystrokes in a log document as well as submits this towards the host. It can be as a contact or the destination drive chosen by the user.
• The actual logs have been in the actual encoded type therefore; it is very a hardship on an individual apart from the consumer to comprehend.
• When the person gets the record, they're instantly decrypted and obtain them in the form of html file or the source selected.
• Installing the software is an extremely easy process as well as within couple of days, you will get used to this.


DISADVANTAGE


1. Software Keyloggers


* Software keyloggers have a disadvantage as they do not begin logging from the moment a computer is turned on and are therefore not able to collect a BIOS password for instance.
* Software keyloggers can be easily detected by some anti-keylogger softwares.

2. Hardware Keyloggers

  • Hardware keyloggers are only limited to capturing keystrokes while a high-end software keylogger can capture screenshots, browser activities, IM conversations and many more.
  • Physical access to the target computer is a must in order to install the hardware keylogger, whereas some software keyloggers come with a remote install/uninstall feature.
  • In case of a software keylogger, it is possible to access the logs remotely as they are emailed on a regular basis while this is not possible in case of a hardware keylogger.



SPREADING



* A keylogger can be installed when a user opens a file attached to an email.
* A keylogger can be installed when a file is launched from an open-access directory on a P2P network.
* A keylogger can be installed via a web page script which exploits a browser vulnerability. The program will automatically be launched when a user visits a infected site.
* A keylogger can be installed by another malicious program already present on the victim machine, if the program is capable of downloading and installing other malware to the system.


PROTECTION

Spyware-LowRes.jpg


* Use caution when opening attachments – files received via email, P2P networks, chat, social networks, or even text messages (for mobile devices) can be embedded with malicious software that has a keylogger.
* Watch your passwords – Consider using one-time passwords and make sure key sites you log into offer two-step verification.
* Try an alternative keyboard layout – Most of the keylogger software available is based on the traditional QWERTY layout so if you use a keyboard layout such as DVORAK, the captured keystrokes does not make sense unless converted.
* Using Anti-Keylogging Softwares- Some antispyware programs detect keyloggers.
* A final defense against keyloggers is a firewall that detects outbound traffic. A firewall can alert the user to unauthorized attempts to transmit data to the Internet


DETECTION

1. Hardware Keyloggers


Hardware keyloggers cannot be detected by software. If you suspect a hardware keylogger is present on your system, inspecting the keyboard's connection to the computer, or replacing the keyboard will solve the problem.


2. Software Keyloggers


* Software keyloggers can be easily detectable by using some Anti-Keylogger softwares like:

# KEYSCRAMBLE
# ZEMANA ANTILOGGER
# KL-DETECTOR

WHICH KEYLOGGER IS THE BEST?


Today, there exists hundreds of keyloggers on the market and most of them are no more than a scam. But few of the best keyloggers are:
* Ardamax
* Realtime Spy


SPYWARES

spyware_icon.jpg


Spyware is any software that obtains information from a PC without the user’s knowledge. It performs certain behaviors, generally without appropriately obtaining your consent first, such as:

1. Advertising

2. Collecting personal information

3. Changing the configuration of your computer

Spyware is often associated with software that displays advertisements (called adware) or software that tracks personal or sensitive information.


Working

  • Once downloaded on the computer, spyware can monitor the keystrokes, scan through the files on the hard drive, read cookies or open applications and transfer information over the Internet to an unknown third party. Profiles set up by the spyware allow for pop-up advertisements to appear on the computer without a browser being open.
  • Spyware uses the memory and resources on the computer to function, collect data and relay information over the Internet. This results in a loss of system stability on the computer.


Spreading

spyware-1.jpg

  • Downloading online content — Some spyware comes attached to free programs or content consumers might download from the web in order to get around paying for a legitimate copy. Identity thieves may prey on that desire and include any manner of malware along with these programs.
  • External devices — It’s possible to load spyware onto a computer by plugging in a USB drive that has the malware installed.
  • Phishing — Phishing is a broad term designed to describe instances in which a hacker looks to deceive computer users through deceptive emails, websites or other content.


Types


1. ParasiteWare

2. Adware

3. Spyware

4. Malware

5. Page Hijackers


Reference Videos



Authors

  • Siddharth Sharma 2014104
  • Mayank Attri 2014063
  • Ujjwal Kanodia 2014111
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License