What is a keylogger?
The term 'keylogger' refers to a malicious computer program that secretly records the keystrokes that a user makes on a computer. Keyloggers are used to gain illegal access to confidential information, such as personal data, credit card details, passwords, etc.
Types of keyloggers:
There are two types of keyloggers, depending on the method used to record keystrokes: software and hardware.
Hardware-based keyloggers are unusual, as they require physical access to the victim's device.
Software-based keyloggers, are not only common, but can also affect any device that is not adequately protected. Keyloggers are normally installed on devices along with other harmful programs, such as Trojans or viruses. An attacker could, for example, trick a victim into clicking a malicious link from which the keylogger is secretly downloaded.
Unlike other types of malware that delete data or encrypt files and then demand a ransom, keyloggers are designed to go unnoticed while they record the user's actions, thus making them difficult to detect.
They are designed to collect confidential data entered through keystrokes, especially bank account numbers and passwords and PINs. With this information, hackers can then impersonate the user in order to steal sensitive information or carry out fraudulent financial transactions.
Examples of keyloggers
The case of PunkeyPOS highlights the devastating effects that keyloggers can have. This malware infected the point of sale (POS) terminals of hundreds of restaurants (mainly in the US), gathering the bank details of thousands of customers.
Another example with a different focus was EyePyramid, a cyber-espionage campaign that threatened the security of numerous Italian state agencies in early 2017. This invasive malware was used by professional hackers to enter the devices of the numerous public figures they were spying on.
The activity started in 2012, affecting some 18,327 users, and stealing 1793 passwords using a keylogger. Around 87 GB of data in total. Those targeted included ex-prime ministers Matteo Renzi and Mario Monti, as well as the ex-president of the Central European Bank, Mario Draghi, and others in sensitive positions.
How to protect yourself
It is clear that the professional use of keyloggers means that companies and organizations need to implement systems that guarantee the security of their data. Intelligent cyber-security platforms designed by Panda Security can detect, block and deal with any attack before it reaches its target.
Their dynamic focus, based on the principles of contextual intelligence, enable organizations to anticipate malicious behavior and prevent data theft.
To ensure that your systems haven't been infiltrated by a keylogger, you can run a full scan with the latest version of Panda Antivirus. If a malicious program is detected during the scan, you will automatically be offered the option to remove it. To do this, just follow the steps in the program.