A keylogger, or key recorder, is used to record and log keystrokes on a keyboard. The technology as such is legal, but its use may be subject to all kinds of restrictions. These include, among other things, that the data may not be used for criminal purposes, that the person installing such keylogger on a device has right to do so, that data protection is taken into account, and that applicable laws must be observed.
Keyloggers are used to obtain access, financial, or personal data. However, they can also take screenshots, see everything that has been copied to the clipboard, and monitor all data transmitted over the Internet. That makes them a surveillance tool, and in the hand of the wrong people a rather nefarious one.
Keyloggers come in two common forms: hardware keyloggers and software keyloggers.
Hardware Keylogger
Hardware keyloggers are physical components and are rarely encountered in everyday life. They are either connected between the keyboard and the computer or built directly into the keyboard. This means that an attacker using such device to collect access data must have access to the respective end device.
Once installed, the keylogger records keystrokes in its internal memory and sends the data to the attacker if the device has a wireless module. Otherwise, the attacker must collect the device again to access the data.
Hardware keyloggers are used for corporate espionage and when it is known that the target device is not connected to the internet. You can protect yourself with strict access management to the respective rooms and with proper cable management.
However, there are also hardware keyloggers that have a camera and are placed in public areas such as libraries to record keystrokes.
Software Keylogger
Software keyloggers are computer programs that are installed on the hard drive of the target device. This malware is downloaded, for example, by visiting an infected website or clicking on a suspicious link.
Once installed, these programs run unnoticed in the background. They record the entries made and automatically send them to the attacker at regular intervals or are retrieved from outside.
The most widely used software keyloggers include:
- API-based keyloggers that record and log every keystroke and save it in a system file.
- Form keyloggers that log all text entered into website forms.
- Kernel-based keyloggers that embed themselves in the system kernel, enjoy administrator rights, and gain unrestricted access to everything entered into the system.
Proactive protection is crucial to keep devices free of keyloggers. This includes keeping the operating system and all software programs and browsers up to date. Installing internet security software can also help as such programs can warn users of an infection. It is important to update the security program regularly, preferably automatically. You should also never connect external hard drives or USB sticks to your computer.