
Osint Me Tricky Thursday #2 – Keyloggers


Welcome back to my irregular, random Thursday spot of tips and tricks!

This time around I would like to focus on KEYLOGGERS and share some tricks on how to detect and avoid them.

Keyloggers come in two types – hardware and software. Essentially, both types are digital surveillance tools that capture and record anything that you type on your computer’s keyboard. 

Keylogger targets are many – from private emails to website login credentials, from credit card numbers to PIN codes for your online banking.

1. How to spot a hardware keylogger

For somebody to install a hardware keylogger, they need physical access to your computer. Hardware keyloggers are small, cheap USB devices (circa 10 euro) that are plugged in between the keyboard's connector and the USB port on the computer's motherboard panel.

Newer keyloggers can connect to local WiFi and send captured keystrokes in real time to the attacker.

To spot keyloggers, you must:

  1. Be familiar with your hardware and what is NOT part of it.
  2. Conduct a visual examination of USB ports at the back of the machine.

 

This is what you should look for:

2. Signs of a software keylogger

Software keyloggers can appear on your system as a result of an infection with malicious software.

Like any malware, they sometimes manifest themselves on a target system by slowing it down.

What to look out for:

  • Keystrokes and mouse lagging while typing
  • Suspicious processes running in the background (on Windows machines, press “Ctrl-Alt-Delete” to access the Task Manager and search for unfamiliar processes)
  • Unexpected error codes while loading websites containing a lot of text and graphics
  • Unfamiliar programs installed on your system

 

TRICKS TO TRICK A KEYLOGGER

  1. Using hardware 2FA on your accounts – this will not prevent keylogging, but in the case where somebody has your login credentials, they won’t be able to compromise the account without the physical 2FA security token.
  2. Using a password manager – not typing in your passwords will not expose them to a keylogger.
  3. Using a virtual keyboard – no keystrokes on the physical keyboard means no keystrokes to intercept. Keyloggers are not programmed to capture virtual keyboard activity.
  4. Installing key encryption software – this type of software encrypts the keystrokes before they reach the application, meaning that what you type is obfuscated and can’t be intercepted.
  5. Using keystroke interference software – it introduces random keystrokes and confuses the attacker, who won’t know which keystrokes are genuine password letters and which are not.
  6. Installing anti-keylogger software – used specifically for detecting and alerting users to the presence of keyloggers.
  7. Using a live-USB operating system – running a default configuration on an OS from a USB ensures that nobody had any chance to install any malicious software on the machine.
  8. Configuring a firewall – use the highest security setting to force programs to always ask for permission before running.
  9. Using one time passwords – OTPs are ad hoc generated passwords that are valid for only one login session or transaction on a given machine.
