What is the deal with keyloggers?
You ask, we answer!
Here’s a new question on security from our #AskArcher show.
Audrey asks about keyloggers.
“Here’s my question: for keyloggers, can you get them on your computer by visiting websites, opening an email or, as I’ve heard, someone physically has to install it on your computer? What’s the truth on this?” Audrey said.
See answer here:
We turn to Patrick C. Miller of Archer Security Group, Archer News Network’s parent company, for answers.
First, what is a keylogger?
“Keyloggers really just record or log your keystrokes,” Miller said. “When you type letter ‘A’, it records the letter ‘A’. Just like when you type a sentence and it actually records everything you just typed.”
Why is this important?
“Well, when you type in your password, it records what your password is,” he explained.
In the past, you had to have physical access to a computer to get a keylogger on a system, Miller said.
You would physically plug in a little device between the keyboard cable and the computer.
A keylogger that someone can plug into your computer to record what you type. Image credit: Hacker Warehouse
“Nowadays, you can just install one with malware,” he said. “Keystroke loggers can be done without having physical access.”
Someone could install a keylogger on your computer through an infected e-mail, according to Miller.
“It’s much easier much easier to get a keystroke logger on there if you send them an e-mail with a nasty link in there that takes you to a malicious website, for example. Or an attachment that they open that contains some malware,” he said.
Malvertising can also load a keylogger onto your machine.
How would you know if you have a keylogger on your device?
In most cases, they’re difficult to spot, Miller said.
In the past, you could inspect the physical connections to your computer.
“The ones that are software-based, the ones that are in malware, are very had to detect,” he said. “Your antivirus may pick up them sometimes, depending upon the antivirus or age of the keylogger.”
If it’s a newly-developed keylogger, it may be difficult.
“It’s hard for antivirus to detect brand new malware that’s never been seen before. If it’s a new variant, you probably wouldn’t detect it for a while,” Miller explained. “There is not a lot protective software that would tell you right away if you had a keystroke logger.”
An example of keylogging software. Image credit: Spyrix
What does he recommend for people worried about keyloggers?
“First, let’s not assume that we have already been infected. If you’re maintaining good security practices, then you avoid most of these issues,” he answered.
That means patch —or update — your systems as soon as the updates come out.
“I know they are annoying and sometimes you have to reboot and they happen all the time,” Miller said. “There are lots of reasons to complain about them, but you’ll be complaining a lot more if your system is hacked. Complaints about having to reboot and update are minor in comparison to having your system get a ransomware problem, for example.”
In addition to patching, you can try whitelisting software that creates a barrier, so you have to approve certain programs and applications.
Also, backing up your files on a regular basis will help.
“All of these are good practices to minimize the potential impact if you do get something like a keystroke logger,” Miller said. “Think of it as good hygiene. If you brush your teeth, you are probably not going to have any issues when you go to the dentist.”