Some are good. Some are bad. All are invasive. Beware the keylogger.

Malware is nasty. It’s pervasive, invasive and effective. It’s one of the most common reasons behind breaches in big companies and the theft of individual identities. It’s sneaky and it comes in multiple flavours, one of which happens to be the keylogger. These nasty beasts are another tool that can be used by cybercriminals to spy on your movements and access your information. They’re smart, hard to find and very, very invasive.

Keyloggers are a form of software designed to sit on your system and record your keyboard movements. The clue is in the name – they log every keystroke you make on your machine. Then they take this information and share it with third-parties or use it to access your bank accounts, identity and online life.

What makes a keylogger particularly unpleasant is that it’s really hard to find unless you know what you’re looking for, and most people aren’t looking for them. Often, the problems that come with a keylogger presence on your machine are so easy to miss or ignore that you can go weeks and months before you realise you’ve been hacked.

Keyloggers don’t just sit on your keyboard either. They also can be used to monitor your screen activity – some can take random screenshots while you work or access your personal accounts – and record your microphone.

For the individual, a keylogger is a deep invasion of personal privacy that can result in identity theft, bank account fraud and so much more. For the business, this type of malware is an insidious and effective way of climbing inside the corporate to steal valuable information and data. This can then be used to attack even more individuals and organisations in a domino effect that’s only halted by healthy security systems and smart users.


The definition

Keyloggers are not all evil. In fact, some are used by IT experts to manage internal systems in a company or track behaviour. The ‘hotkey’ function embedded into Microsoft is also a form of keylogger, albeit one that’s designed to help rather than make life deeply unpleasant.

There are plenty of legal and relevant keylogger software solutions on the market and these are used by computer experts to manage a variety of functions. The ones you need to look out for are the ones that don’t kindly help you speed up your work or manage your third-party service providers.

Just remember, even legitimate keylogger solutions can be used for nefarious purposes so don’t shrug off any kind of keylogger on your devices. They are there to do a very specific job and that job is to track your movements so if you didn’t give it permission, then it needs to go. Keyloggers can make themselves comfortable on iPhones, Android phones, Macs, PCs and every other platform in between.

There are some warning signs that a keylogger has made itself comfortable on your device. You may find that your websites are loading really slowly or that your system is struggling a bit. Often, your keystrokes will only show on the screen after a split-second delay – enough for your eye to notice that something isn’t quite right.

Keyloggers can be used to:

  1. Access your PIN numbers, login details, bank account information, personal information, payment systems and more. Every stroke is recorded and your details stolen.
  2. Steal a person’s identity. This can be done very thoroughly if your system has handed over all the information mentioned in point 01 above.
  3. Steal proprietary information and data that can be sold on to third parties. This is particularly worrying for organisations and governments.

Broken trust: A particularly smart and nasty keylogger was injected into the script used by the Best of the Web – a seal used to display their trust on customer websites. The script had been hacked twice with two keyloggers and is still on some websites today.


The threat

Keyloggers arrive on your device using a variety of different methods. They spread through malware, they can be installed on your machine by an individual targeting you specifically, they can be downloaded onto your device if you open an infected attachment, and you can get infected by a drive-by download of the malicious code from an infected website. It’s a particularly insidious form of attack because you can get infected through no fault of your own.

This type of malicious code really reinforces the need to invest into robust security systems on your devices and to pay attention to the attachments you open and the websites you visit. Many antivirus and internet security solutions can detect if a site has been compromised and will immediately prevent you from entering. Just keep your systems up to date and your eyes open.

Inside the bank:  A keylogger that had hidden itself within Mexican banks was discovered by Kaspersky Lab in 2019. This keylogger had likely been in the system since 2013 and was given the rather ominous title of Dark Tequila. It’s an advanced and intelligent malware that spreads through spearphishing and infected USB devices and there’s concern that it may yet spread beyond Mexican borders into other countries worldwide.


The protection

 The problem with a keylogger is that it sits silently on your device until it’s too late. To protect yourself you need to follow the basic rules of cybersecurity and you need to run constant checks on your systems and devices.

  • Download a software protection programme – MalwareBytes is a reputable platform that offers a toolkit that you can download and use to detect and destroy keyloggers on your system.
  • Don’t open the attachment – Attachments are the bane of your security life. They pose more than just a spyware threat and are one of the most common attack vectors used by threat actors. Just don’t open the attachment unless you are 100% sure it comes from a reliable source.
  • Don’t click on dodgy links – this really can open your system up to dangerous viruses, malware and spyware. The same goes for ads – avoid them. Rather go directly to the site and find the special offer from there.
  • Install the best possible antivirus and internet protection tools you can find – having an antivirus installed on your machine isn’t a nice to have, it’s essential. Look to a comprehensive solution such Norton 360.
  • Check for spyware regularly – use a solution such as Norton Power Eraser to find out if you have spyware and remove it.