What are keyloggers? Why are they a threat to us?

Keyloggers are a type of malware designed to monitor all the keystrokes you make. They are one of the oldest forms of threat in the modern computer era. Whether they were put to work legitimately or deployed to your computer illegally, you want to get rid of them in any case. Physical keyloggers cannot be detected by software; only unusual changes in the detected (keyboard) hardware can be, which is an approach some vendors have embedded, somewhat dubiously, in their solutions. We can help you choose the right solution, but this article focuses on software keyloggers.

Our personal information is at risk when confronted with a keylogger. In fact, any individual or organisation that accesses, inputs or stores private information is at risk. Keyloggers are ideal tools for industrial espionage or for accessing confidential data, and as a result they can damage relationships, financial standing, and reputation.

More than meets the eye

Even seemingly innocent information can be used as a jumping-off point for bigger targeted attacks in the hands of a persevering cybercriminal. Eventually they will gather the information needed to launch their big hack or attack.

With that in mind, detection alone has great value: you or your company may be the victim of a long, well-thought-out cyber attack.

Furthermore, when you are infected by keylogging malware, you may also be the victim of other malicious programs, since keyloggers are often packaged with other malware as one option for capturing your personal information.

But how can keyloggers end up on our machines without our noticing? Traditionally, keyloggers have been pieces of software that are installed on a computer through a virus or as spyware. A common approach nowadays is the spear-phishing attack, where a user is tricked into clicking a web link that eventually redirects them to a server which analyzes the vulnerabilities in the user's applications, such as an unpatched or out-of-date web browser.

Staying under the radar

Keyloggers are among the types of malware that try to stay under the radar; nearly every keylogger has special techniques to remain stealthy. Keyloggers operate at either kernel level or user level. Since user-level keyloggers mostly hook one of the Windows API functions to determine which key is pressed, they are fairly easy to detect. Kernel-level keyloggers focus on monitoring system calls. This latter family of keyloggers is more difficult to detect, and lately even more sophisticated variants have appeared, such as GPU-enabled keyloggers.

Since most detection engines primarily support analysis of x86 code and mainly focus on main memory and the CPU, the idea of malware that (also) lives on the GPU is getting a lot of attention from malware engineers in their pursuit of staying stealthy.


How to protect / react?

If you already suspect that you have fallen victim to malicious software, you will need the right tools to help you clean up your computer. We can assist you and point you in the right direction.

If, however, you want to take preventive measures, we advise you to start by using a strong anti-exploit solution. This, combined with an adequate anti-virus engine, may prove a perfect fit.

Please contact us via the support form to let us advise you. Have a nice day.