What is a Keylogger?
A keylogger is a piece of software that records a what a user types, and then sends what it recorded to someone else. It runs under the surface and can easily escape the user's attention. Malevolent keyloggers can catch passwords and other critical information as the user types. The collected data can then be forwarded to the keylogger's author, who may use the information to his own purposes. A common example of keylogger activity is the hijacking of World of Warcraft game accounts. An unwary player will enter the game universe to find that his virtual character has had its property stolen by a thief who obtained an account password via a keylogger.
Keyloggers are capable of sending user keystrokes and actual screenshots of user activity back to their creators 1.
Note that not all keyloggers are strictly malicious by design. There are some contexts in which a keylogger's use is acceptable, such as by employers to watch what their workers are doing on company computers 2.
How to Avoid Getting Keyloggers
- Be extremely wary of emailed attachments 3.
- Maintain your firewall and antivirus. Make sure that the antivirus program gets regular updates so that it can know about as many keyloggers as possible. Also make sure that the antivirus program is configured to stop any threat it detects, including those it may consider only "potentially" harmful 5.
Unfortunately, the standard keylogger runs "quietly", not causing symptoms that users are likely to notice. http://securelist.com/en/analysis/?pubid=204791931. Worse still, many keyloggers deliberately place themselves inside legitimate programs (these kinds of keyloggers could be referred to as Trojan Horses) 6.
Obviously, any suspicious or inexplicable activity in confidential accounts (such as mysterious money transfers) may indicate an active keylogger.
What to do under Keylogger Attack
- If a keylogger's presence is suspected, it may be helpful to use a "virtual keyboard" 7. A virtual keyboard is a program that allows keyboard emulation by having the user click on images of keys rather than pressing the keyboard. In Windows 7, a virtual keyboard can be found by searching for "onscreen keyboard" from the Start menu. Note that virtual keyboards themselves may be monitored by spyware.
- Update and run antivirus software. Ideally, the antivirus will locate any keyloggers and remove them. However, antivirus updates may not detail all existing keyloggers, so it is possible for some keyloggers to survive. All in all, a user who is not computer-savvy should seek aid from an experienced user in the event of keylogger infection.
- Change any passwords you think may have been taken by the logger.