What's A Keylogger

Dolyetyus

Co Admin
21 Nis 2020
1,204
664
Delft
Welcome Turk Hack Team Members,

What is a keylogger? At its most basic definition, a keylogger is a function which records or keystrokes on a computer. Taken at this basic level, a keylogger looks absolutely harmless. In the hands of a hacker or a cybercriminal, a keylogger is a potent tool to steal away your information. We'll talk about how a keylogger works, how cybercriminals install it on your computer, and what you can do to a**** being a victim. You'll know what is a keylogger when we're done.


WHY KEYLOGGERS ARE A THREAT

Keyloggers are a serious threat to users and the users' data, as they track the keystrokes to intercept passwords and other sensitive information typed in through the keyboard. This gives hackers the benefit of access to PIN codes and account numbers, passwords to online shopping sites, email ids, email logins, and other confidential information, etc.

what-is-a-keylogger.jpg


When the hackers get access to the users' private and sensitive information, they can take advantage of the extracted data to perform online money transaction the user's account. Keyloggers can sometimes be used as a spying tool to compromise business and state-owned company's data.

The main objective of keyloggers is to interfere in the chain of events that happen when a key is pressed and when the data is displayed on the monitor as a result of a keystroke. A keylogger can be done by introducing a wiring or a hardware bug in the keyboard, to achieve video surveillance; terminating input and/or output; or by also implementing the use of a filter driver in the keyboard stack; and demanding data from the user's keyboard using generalized docmented methods. There are two other rootkit methods used by hackers: masking in kernel mode and masking in user mode.

HOW KEYLOGGERS SPREAD

Keyloggers can be installed when a user clicks on a link or opens an attachment/file from a phishing mail
Keyloggers can be installed through webpage script. This is done by exploiting a vulnerable browser and the keylogger is launched when the user visits the malicious website.
a keylogger can be installed when a user opens a file attached to an email
a keylogger can be installed via a web page script which exploits a browser vulnerability. The program will automatically be launched when a user visits an infected site
a keylogger can exploit an infected system and is sometimes capable to download and install other malware to the system.



HOW HACKERS INSTALL A KEYLOGGER

A hacker employs a Trojan virus as a delivery tool to install a keylogger. But way before one is downloaded onto your system, a hacker will use two different methods to get it into your computer. And both ways involve your participation.

The first method involves phishing. Phishing is the act of faking an email from a legitimate company to fish for passwords and credit card numbers. Sometimes, these emails contain attachments which download programs stealthily into your computer once you click on them.

For the second method, the hacker researches on his intended victim beforehand in order to find a weakness in her or his online habits. Let's say a hacker finds out the victim habitually visits porn sites, the hacker might craft an email with a fake coupon for a membership into an exclusive erotic website. Since this method targets a particular fondness of the victim, there's a large chance of success that the he or she will download the fake attachment, unknowingly installing the keylogger.

HOW TO PROTECT YOURSELF FROM KEYLOGGERS

Take caution when opening attachments: Keyloggers can be present in files received through email, chats, P2P networks, text messages or even social networks. If someone sends you an email out of the cold or the contents of the email are asking for your personal information, chances are there's a keylogger in there somewhere.

Implement Two Factor Authentication

Strict implementation of Two-factor authentication through one time passwords would help users protect their sensitive credentials, as one-time password is momentary and the hackers cannot use the same detected password the next time.

Use of Virtual Keyboard

Virtual Keyboard helps to avoıd personal data interception by the hackers. It is a software used to allow the users to input characters without the actual need for physical keys.

Use a comprehensive security system:

Install a good Antivirus Product with the latest virus definitions. Antiviruses can help you to avoıd keyloggers.

//Quoted. Thanks for reading.
 
Son düzenleme:
Üst

Turkhackteam.org internet sitesi 5651 sayılı kanun’un 2. maddesinin 1. fıkrasının m) bendi ile aynı kanunun 5. maddesi kapsamında "Yer Sağlayıcı" konumundadır. İçerikler ön onay olmaksızın tamamen kullanıcılar tarafından oluşturulmaktadır. Turkhackteam.org; Yer sağlayıcı olarak, kullanıcılar tarafından oluşturulan içeriği ya da hukuka aykırı paylaşımı kontrol etmekle ya da araştırmakla yükümlü değildir. Türkhackteam saldırı timleri Türk sitelerine hiçbir zararlı faaliyette bulunmaz. Türkhackteam üyelerinin yaptığı bireysel hack faaliyetlerinden Türkhackteam sorumlu değildir. Sitelerinize Türkhackteam ismi kullanılarak hack faaliyetinde bulunulursa, site-sunucu erişim loglarından bu faaliyeti gerçekleştiren ip adresini tespit edip diğer kanıtlarla birlikte savcılığa suç duyurusunda bulununuz.