Are Keyloggers a threat?

I have been reading some threads here lately about keyloggers, which ones function the best, which are are proactive, etc. I was wondering though if there are a real concern for me and if I need to do anything to help prevent them.

I use LooknStop firewall, a heavily tweaked Sandboxie, and RollbackRX. My way of thinking is that keyloggers don't pose much of a threat to me. They would have to be able to access the internet, which is filtered by LnS. If I were to get infect by something else I could simply roll back my system to a previous state. I also have three sandboxie boxes configured to filter what can be run inside of them and what has the ability to access the internet from inside them. Also, all three boxes are configured with low privileges.

I don't really care if it can capture what I type, as long as what it captures can't be transmitted. Or am I thinking about this all wrong?

 

unless the malware is using another process to connect to the 'net.
i know LnS can control this but if you have been infected who's to say what that malware can do exactly?

and how could you be sure 100% you are not infected since some malware are made to operate 'invisibly'?
you could be infected and not even knowing about it.

your SBie is your best and first line of defense.

also, you have to worry about all type of loggers, not just keyloggers...'
a screen logger could be just as bad as a keylogger.

 

Add Internet Access or Start/Run Restrictions on Sandboxie. All offline software keylogger wouldn't work correctly.

 

In my point of view I will surely have anti keylogger on my system if i am security freak.
Most important information from your computer can be traced which are ids and passwords and you need some anti keylogger to prevent or minimize the chance of tracking your password.
I cant mention the name but one of the Great computer expert who run his blog/forum (c) has advised me that you need anti keylogger and net tracker if you want to go without any antivirus/antimalware on your computer.

 

HIPS, application restriction, and virtualization are more than enough in almost all cases. The only exception are for online threats.

 

Sometimes keylogger get pass from all the above mention action.
On virtualization if online keylogger attack occurs and you type password at that time ( i mean in virtualization period) it can be tracked by keylogger
Anti keylogger are not a memory eater or system hogger and you can get free version as well than why one should not have it on the security setup.

 

All that's well and good. And, you're right, an HIPS *could* do the job, but I've seen them bypassed. An the whole HIPS concepts goes against virtualization, making them both overkill. I'm thinking very basic here. There are two things I think are most important here. If I were to to get a logger, of any sort (clipboard, screenshot, webcam, etc), the probability says that it'll come from the internet using either IE, Opera, or Miranda. All of these are sandboxed to allow certain exe files the ability to run and access the internet. Second, whatever data the logger captures will have to have internet access to upload that data to whoever attempted to spy on me in the first place. A firewall, such as LnS, will prevent that. Granted the x64 version doesn't have .dll authentication, but it should still prevent the logger if denied, right?

 

That's why I said application restriction. As in Sandboxie's Internet Access and Start/Run Restrictions.
If it cannot upload data or run, then what's the point? Online ones are covered for me as well.
They are virtually useless for my system. Sandboxie, SRP, Comodo, Perpspectives, NoScript, LastPass, TrafficLight/WOT/DNS, etc. are more than enough.

 

Comodo with D+ and a sandboxie with the restrictions that J_L mentioned I would believe would be more than enough. Unless you are downloading cracks etc.

 

The only time I have EVER seen a stand alone keyloger is with commercial ones. Most of the time they are bundled with backdoors, trojans, and rootkits. That said Almost every sample I have seen lately (last 5 or so years) has had keylogging capabilities.

 

Look at this thread
https://www.wilderssecurity.com/showthread.php?t=312489