Anti Keylogger Myths

To all those on wilders forum that love password managers:

source:

-www.trusteer.com/sites/default/files/Anti_Keylogger_Myths.pdf-

 

No doubt

 

But of course we will, I mean we do

 

Hahaha, cheers

 

One problem that I think most people don't realize is that antivirus and antimalware products, including malwarebytes, whitelist commercial keyloggers. So if someone ever gets access to your computer, or if they are able to do a remote install of a commercial keylogger like Eblaster, then that is not a good thing. I would also assume that certain law enforcement have keyloggers that are unknown to the public and probably whitelisted by AV and AM companies as well.

 

Very good point, caspian.
For a long time it disturbed me that apps like MBAM or SAS weren't detecting commercial keyloggers.
I wonder what MBAM's current position is?
In Sep '08, Bruce (nosirrah) said on their forum, "Comercial keyloggers are something we have been thinking about but there are big issues as most of the time they are installed for a legit reason, I almost never see comercial keyloggers in the wild used by malware."
But regardless, programs like AutoRuns will tell you if a logger is running, and so will a HIPS.
Hopefully.

 

that's why i use Trusteer.

 

You're right. This gives a good insight into the subject.

Of course AV makers would deny any collusion in illegal practises.

 

good for you

 

I have a hard time accepting the above quoted statements, especially when one applies the Patriot Act to the equation. Flagging "official" spyware could literally cause them to be labelled terrorist supporters, a situation I'm sure they'll avoid at any cost. They might want to identify official spyware, but doing so could jeopardize their existence as a company.

That's an advantage of default-deny. It doesn't have to be identified to be intercepted.