How Keyloggers work and why you should worry!

keyloggers

 

The History of Keyloggers

Keyloggers have been used ever since the dawn of computers.   It used to be a problem even in DOS(Directory of Systems).   If you haven’t used Dos that is normal, it hasn’t been used for years and years but it was still was a problem.  What are Keyloggers?  Well, to put it in a way that even those who might not know about computers will understand, is a program or app that will watch everything you do, this includes everything you might say, might type, and then report back to the person or organization who created the keylogger.   If your phone was infected they could use the keylogger to even know your GPS location and you would not even know it.   This is where it has gone in the past and I am sure it will get even worse in the future because of all the IOT(Internet of Things) we have being used to control our Fridge, or even our thermostat.

The Information gained by a Keylogger

Even today, we should be watchful of who might be looking over our shoulders.   It is even more difficult to do that in security because Keyloggers will tend to hide in the background and not show signs that you have a problem on the system or systems involved.  The information a threat actor might gain from using a keylogger is tremendously valuable.    I don’t say that lightly either, when a threat actor gains control of a system and wants to gain access to something even more secure this is one of the ways they can get the information needed to gain access to that really important documentations.   They can sit on a system for weeks to months without being noticed and gaining valuable information such as passwords, account information’s from banks to email addresses, Even your Social Security Number and even what websites you might of visited while the keylogger is installed on your device.  This is just a small part of how much information a keylogger can gain just by being on a system.   They can learn habits of the user, if you visit a site at 12:13pm almost exactly each day, then they will know what you are doing on your break or what you do at night if this is a system at home.  They could even know your location just by having a keylogger on your phone and be able to track you through the day to figure out your habits.

It’s not a victimless as you think

No matter how many times you hear of keyloggers, you probably don’t realize just the truth of the matter.   That the reason to install keyloggers into a system is for money, extortion, or blackmail.   These are just a few of the reason why a threat actor would do this.   They’re doing this usually for money but not always they will do this to make a statement or gain access to information.   This is where the value of keylogging comes into play, anything a user does can potentially show valuable information from black mailing someone because they are visiting sites we shouldn’t be visiting for pleasure or to get the information needed to impersonate someone to gain access or ruin someone’s credit.   All these can bring shame to the victim and make it even harder to survive.   This is one reason security has always been one of those hit or miss areas in IT.  As soon as we find the program, infection, or worm, they go about coming up with new ways to do it all over it.   You see we are always trying to analyze the structures of the programs they create and find them in the wild.    So as soon as we know about the program they have to change the program to be able to do it again on some other systems.