What are risks of getting a keylogger?

Discussion in 'other anti-virus software' started by nine9s, May 1, 2013.

Thread Status:
Not open for further replies.
  1. nine9s

    nine9s Registered Member

    Joined:
    Feb 8, 2013
    Posts:
    265
    Location:
    USA
    Are unintended keyloggers common or pretty rare?

    I can find no information on the chances of getting them, but my guess is they are pretty low chances?

    If one never downloads unknown files, only from trusted sources like Microsoft, Nvidia, game companies, etc., uses adblockers, site reputation filters, and good AV, does not use client side mail readers, only established online ones, etc., is the only person to use his computer, never uses other people's USB/Disk etc. media on hsi computer, what are chances of getting a key logger?

    Also, are they fairly large programs, versus simple script, so you would have to download something that contained one because they would be too large to be delivered via a simple drive-by web page sticking one on your computer?
     
    Last edited: May 1, 2013
  2. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,049
    Location:
    USA
    No, they are not large at all. I used to have a good collection for testing but they all accidentally got deleted. I have never come across one that I did not seek out deliberately. I am sure it is possible to pick one up unintentionally but you would most likely get one from someone planting it on your machine.
     
  3. nine9s

    nine9s Registered Member

    Joined:
    Feb 8, 2013
    Posts:
    265
    Location:
    USA
    Thanks.


    So it seems yes it is possible to get infected with one no matter what but it is very rare and low risk (unless of course you are downloading questionable pirated software etc.)?
     
  4. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,049
    Location:
    USA
    I would agree with that. Possible but not likely for the cautious user.
     
  5. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,872
    Big problem is differentiating between good and bad keyloggers.
    I dont agree with the whole concept at all of using keylogging software to "spy" on people.
     
  6. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,049
    Location:
    USA
    Agreed. That is why I did the testing on them that I did. I wanted to make sure that I wasn't being spied on, since it had been considered a possibility on our work machines at the time. :ninja:
     
  7. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,872
    There is no moral difference between a hacker using these and an employer using them to spy on his employees.
     
  8. aztony

    aztony Registered Member

    Joined:
    Sep 9, 2012
    Posts:
    547
    Location:
    USA Southwest
    Maybe so, but one key difference being, whereas the hacker's activity is illegal, the employer has the right, and one presumes the legal recourse to use them.
     
  9. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,872
    Incorrect.
    That is pure semantics.

    Im speaking of the moral and ethic behind it.
    As for saying the employer has the right to spy on his employees,well that is corrupt hogwash.

    It doesnt say much for the company has a whole.
     
  10. aztony

    aztony Registered Member

    Joined:
    Sep 9, 2012
    Posts:
    547
    Location:
    USA Southwest

    I am not condoning the practice of employers spying on their employees, and I suspect there are probably more companies doing it than those that don't. But I am also aware that employers have the right to set what rules and policies they enact in their respective work place(s) What company operating today does not have a legal department, or at the very least access to legal counsel? Whatever policies they put in place cannot violate laws. I don't know about your country, but I have yet to hear of anyone suing an employer here (successfully) for monitoring its employees, electronically or otherwise!
     
    Last edited: May 1, 2013
  11. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,049
    Location:
    USA
    True, and I understand the point you are trying to make, but what is legal is not always right, and if we silently let something continue because it is legal then we deserve it.
     
  12. aztony

    aztony Registered Member

    Joined:
    Sep 9, 2012
    Posts:
    547
    Location:
    USA Southwest
    That is very true what you say about legal not always being right. Bear in mind, however, here in the US the corporation has more rights than the individual. We see it every day by watching government's actions and policies.
     
  13. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    I believe the correct way to say this is that the corporation has the same rights as an individual. It most certainly has more resources and corresponding influence than the individual.
     
  14. aztony

    aztony Registered Member

    Joined:
    Sep 9, 2012
    Posts:
    547
    Location:
    USA Southwest
    Boom! In a nutshell.
     
  15. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    It depends on the OS. With the introduction of "patchguard" on Win 7 x64, it's much more difficult for a keylogger to get installed. So difficult that many mainstream x64 antimalware software do not have antilogger protection.

    Today most keyloggers are installed under the control of financially motivated malware. This software's whole purpose is to remain as sleath as possible to avoid detection and rob you as blind as possble. It can even detect virtual keyboard input in "man in the middle" scenarios.

    I also agree with the statements of "antilogger" software on the market. I have become very leery of it of late.

    One of the best statements I have heard about keyloggers is "bend down and look under your desk and see what is attached to your phone/cable/etc. connection.":argh:
     
  16. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    Yeah chances are pretty low but don't forget about hardware keyloggers.
    In that case other people don't have to use your computer - it's enough to install it if they are close enough your PC ;)
     
  17. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    As I understand the process, they are usually installed in the second pass download of the malware. The first pass will install crap to disable your antimalware software and/or firewall or cripple it and then initiate the control software to initiate the second pass malware download. The final stage is to reset everything to make it appear your PC is fully protected. Remember this sucker's goal is to remain as stealth as possible. The exact opposite of rogues who operate through overt extortion by hijacking your PC.

    Actually any antimalware software that prevents it's realtime protection from tampering is a good alternative. NIS comes to mind. Try to disable or tamper with ccsvchst.exe. Good luck on that one. On the other hand, the best way to disable realtime protection is to prevent it from starting at boot time i.e. rootkit.
     
  18. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    BTW - you can usually spot most commercial software keyloggers; the type many business use. You should see a lag in the keystrokes as entered. I believe that can be adjusted through a sensitivity setting but most business leave the lag as a warning that your being monitored.
     
  19. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    That's not accurate - PatchGuard prevents the modification of kernel structures but keyloggers can exist at any level in the stack. The highest level keyloggers still receive the same keystrokes as the lowest, and they work fine on Win8 x64.

    That being said, most malware is moving away from using conventional keyloggers and instead looking to steal data in a more optimal way to avoid the hackers from having to pour through your chat conversations to find your passwords.
     
  20. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
  21. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,953
    Location:
    U.S.A.
    Removed Off Topic Posts. Let's Focus On The Topic and Not Bashing Each Other. Thank You!
     
  22. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,049
    Location:
    USA
    I would think it would be extremely difficult to detect a hardware keylogger. I can't find any links immediately but I remember reading a while back about being able to pick up the electrical interference from your wired keyboard up to a certain distance without having to connect or install anything to your PC. I'll see if I can find anything about it later. Don't have time now...
     
  23. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
Loading...
Thread Status:
Not open for further replies.