…And How To Protect Yourself From Them
This is the first of a regular series of articles to be written by guest authors. This time around, Gary Smith from “Keylogger Reviews” tells us about the risks of keyloggers, and what you can do to protect yourself. While edited for house style, the work is entirely that of the author.
Keyloggers are sneaky programs that are usually silently installed on your computer without your awareness. Once they are in, they capture everything that is happening and send this information to the “hacker” via email or an internet-based server set up especially to receive your details.
I thought that I was safe…I heard stories that people got hacked in the past but never took them seriously. I thought that the hacker simply guessed the password or something similar.
However one day a friend showed me the log file from a computer that he had infected with a keylogger.
In few minutes of scrolling and searching trough this file we had access to a Facebook account, a few email accounts, found credit card information and a paypal password. We could also read private chats on MSN and Skype. But this was just the tip of the iceberg, there was a lot more that we could dig up since the log file contains everything that has been typed on the keyboard since the installation of the keylogger.
Everyone can use keyloggers these days…
There are over 50 different websites that sell keyloggers on the internet. The monitoring tools they offer are so simple that even your grandmother can install and use them to spy on you.
These keyloggers can usually monitor:
- Everything that has been typed on the keyboard. This includes, things that were coped and pasted, passwords, credit card info, emails – send and received, private chats and etc.
- Voice and video recordings from the microphone and webcam. However most of the time they have these features disabled because recordings take way too much space and are hard to send over the internet un-noticed.
- Websites visited and files accessed. With screenshots of your browsing activity.
I thought that my antivirus programs will protect me…
It depends. Some antivirus programs can detect all known keyloggers, but it’s the ones that aren’t known you need to worry about, and it turns out that anti-virus programs are not 100% effective at detecting keyloggers, particularly if they are already installed before the antivirus solution. Hackers can also make a few modifications in the code of an old and detectable keylogger to hide it from some antivirus programs.
While the details are sometimes a bit too complex to go into in this article… it is possible and hackers do this all the time. However, once the “new” keylogger is detected on one computer, the modified code is remembered and shared, which means that the new keylogger is now detectable everywhere.
How can your computer get infected by a keylogger?
Well there are many ways to get infected by a keylogger, here are some of the most common ones:
- A person you know might install one on your computer while you are not watching.
- By using an infected USB device.
- From downloading cracks or keygens from the internet. These files often contain viruses or keyloggers.
- By Installing games or software from unknown publishers.
- From Downloading and Installing programs from torrents.
- By visiting a website that exploits some browser vulnerability, this usually happens when you are using an outdated browser or have outdated plugins in a browser, or your operating system is not up-to-date with the latest security patches.
So, as you can see, there are many different ways to get infected. If you are regularly downloading games and software from torrents then your computer is probably infected right now.
Again… we know this because it has been seen on real users computers. The friend I was talking about earlier was spreading his keyloggers through warez and torrents, he infected over 1000 people and was getting over 50 megabytes of log files per day.
Should you be worried?
Keyloggers are always a threat, however they are only a real threat if you have something valuable on your computer, for instance you can be less worried if you are using a PC for basic (non-banking and online shopping) web surfing and game play.
If you are using your computer for serious things, such as online shopping or banking, or at any point storing valuable data, then you need to take security very seriously indeed.
MMORPG gamers beware!
The most common keylogger victims are people that are playing MMORPG games like World of Warcraft and Shaiya. You can be playing for years, working on collecting gold and equipment just to wake up one day with nothing on your account.
Website owners beware!
Keyloggers can be also really scary if you are running an online business because someone can simply take down your website or install a malicious code that abuses your hosting server.
So How Do You Protect Yourself From Keyloggers?
Solution #1: Anti Virus
Getting an anti-virus program is a must if you are using torrents to download video games or software. However, there is not a single program that can protect you from all the threats out there, they usually detect less than 90% and if you have some really important and sensitive information on your computer then those 10% left can seem pretty serious. And in that case I suggest that you also use some of the other protection tips below.
Solution #2: Prevention
Stop downloading suspicious things from unknown software developers. Only install something when you really need it and don’t risk your security for the next calorie counter or youtube downloader.
A great way to way to bypass this problem is to find a web based software alternative that you don’t have to install on your computer.
Solution #3: Using a Virtual Machine
“Open the safety threats in a safe and closed environment”
There are programs like virtual box and vmware that allow you to run multiple operating systems on one pc in the same time. You install the safe things in the main operating system and you install everything that might contain a keylogger in a virtual machine.
Solution #4: Using The On Screen Keyboard To Type Passwords
Keyloggers work by recording the keys pressed on the keyboard. You can bypass this system by using the mouse to write the important information. Have you ever heard about the on screen keyboard that comes with windows?
Just hit start and search for “on screen keyboard”, run it and you will see this:
The problem with this method is that it can be really slow and painful for long term use. So I only use this when I type my password on the most important websites or when using another computer.
Solution #5: Use Linux
This is by far the best protection from spyware, viruses and keyloggers!
You can search for a Linux keylogger in the darkest corners of the internet and you still won’t find a decent one. In contrast, when you search for mac or windows keyloggers, there are hundreds of options that you can choose from.
I would suggest using Ubuntu for a week to see how it goes. The biggest disadvantage of Linux is the incompatibility with popular games and software that run on windows and mac.
However, Vmware and Virtual box also work on Ubuntu which means that you can run a Windows virtual machine under Ubuntu to get the best from both worlds..
This article was written by Gary Smith, you can check him out and read some of his latest keylogger reviews on his website.