Questions about Software Keyloggers

Discussion in 'privacy problems' started by Rmus, Apr 20, 2005.

Thread Status:
Not open for further replies.
  1. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    1) How do they get installed (assuming no one gets physical access to your computer)

    2) After installation does the computer have to reboot before the Keylogger program can work?

    3) How does the Keylogger program send out its captured information? One article had this:

    "A keylogger is software that copies a computer user's keystrokes to a file, which it may send to a hacker at a later time."

    How? Outbound through a port? By email?

    Thanks,

    -rich
     
  2. Bethrezen

    Bethrezen Registered Member

    Joined:
    Apr 16, 2002
    Posts:
    546
    hi

    let me try to explain

    there are a number of methods but usually they would be installed by a hacker remotely through a back door on your system created by a RAT (Remote Access Trojan)

    honestly I don't know but my guess would be no

    again there can be a number of methods if your infected with a trojan then it could send them through the backdoor created by that trojan or by email mabe or perhaps by some other open port on your computer such the one used by spammers to abuse windows messaging service not to be confused with windows messenger

    hope this answered your question
     
  3. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Thanks for the reply.

    Regarding getting installed:

    I suppose that user alertness and a robust firewall are two important safeguards.

    About sending out the logged info:
    A properly configured firewall should prevent the open port possibility, but would probably not prevent other means, such as

    1) an SMTP mail program that was attached to the trojan, or

    2) Outbound by an application (installed with the trojan) that launches other applications.

    ---
    Rmus
     
Loading...
Thread Status:
Not open for further replies.