Keystroke logging is often reffered as keylogging. It is used to monitor key struck on victim computer or mobile without their knowledge. Although keyloggers used for good purpose in IT organizations to troubleshoot problems. Many of them used for illegel purposes
Keyloggers is invented by soviet union(now russia) in mid 1970 and deployed a hardware keylogger targeting a typewriters. Termed the selectric bug, It measured the movents of print head of IBM selectric typewriters via subtle influences on the regional magnectic field caused by rotation and movement of print head. An eraly keylogger is written by perry kivolowitz and posted to usenet newsgroup net.unixwizards,net.sources on november 17 1983.The posting seems to be movtivating factor in restricting access to /dev/kmen on unix system. The user mode program operated by locating and dumping character lists as they assembled in unix kernal. In 1970 , spies installed keyloggers in us em bassy and consulate building in moscow. They installed bugs in selectric II and selectric III electric typewriters
Types of keyloggers
- Software keyloggers
- Hardware Keyloggers
Remot- access software keyloggers can allow access to locally recorded data from a remote location. This communication can happen by using one of the following methods:
- Uploading the data to a website, database or FTP server.
- Periodically emailing data to a predefined email address.
- Wirelessly transmitting data through an attached hardware system.
- Software enabling remote login to your local machine.
Additional features that some software keyloggers come with can capture additional information without requiring any keyboard key presses as input. They include:
- Clipboard logging – Anything that can be copied to the clipboard is captured.
- Screen logging – Randomly timed screenshots of your computer screen are logged.
- Control text capture – The Windows API allows for programs to request the text value of some controls, meaning that your password may be captured even if behind a password mask (the asterisks you see when you type your password into a form).
- Activity tracking – Recording of which folders, programs and windows are opened and also possibly screenshots of each.
- Recording of search engine queries, instant message conversations, FTP downloads along with any other internet activities.
Hardware-based keyloggers can monitor your activities without any software being installed at all. Examples of these include:
- Keyboard hardware – These loggers take the form of a piece of hardware inserted somewhere between the computer keyboard and the computer, typically along the keyboard’s cable connection. There are of course more advanced implementation methods that would prevent any device from being visible externally. This type of hardware keylogger is advantageous because it is not dependent on any software nor can it be detected by any software.
- Wireless keyboard sniffers – It is possible for the signals sent from a wireless keyboard to its receiver to be intercepted by a wireless sniffer.
- Keyboard overlays – Overlays are popular in ATM theft cases where thieves capture a user’s PIN number. This device is designed to blend in with the machine so that people are unaware of its presence.
How Can I Detect and Remove a Keylogger?
There are a variety of ways to detect a keylogger, though none are a catchall, so if you have reason to suspect your computer has a keylogger, we recommend trying a variety of these tactics:
- Begin by running your antivirus, which can often detect a keylogger on your system.
- Run a program like Spybot Search and Destroy or MalwareBytes to check for certain types.
- Check your task list by pressing ctrl+alt+del in Windows. Examine the tasks running, and if you are unfamiliar with any of them, look them up on a search engine.
- Scan your hard disk for the most recent files stored. Look at the contents of any files that update often, as they might be logs.
- Use your system configuration utility to view which programs are loaded at computer start-up. You can access this list by typing “msconfig” into the run box.