Keyloggers

Cybersecurity Forensics Lesson 2.4.6


Keyloggers

  • Keystrokes contain valuable information
    • Passwords, usernames, messages, credit card information
  • Save all keyboard input
    • Sent to malicious actor
  • Circumvents encryption protections
    • Keystrokes are captured as typed, before any encryption is applied
  • Can log other data:
    • Screenshots
    • Clipboard
    • Instant messages
    • Search history

Legitimate Uses for Keyloggers

  • Concerned parents can keep tabs on children’s computer activity.
  • Law enforcement
    • The FBI used keyloggers on machines given to Russian cybercriminals, capturing their usernames and passwords when they used the provided machines to access their computers in Russia.

Preventing Keyloggers

  • Usually installed with malware
    • Use anti-virus/anti-malware
    • Keep your signatures updated
  • Be careful with passwords
    • Use one-time passwords or multi-factor authentication when possible
    • Consider using a password manager to avoid typing altogether!
  • Physical protection
    • Consider using a different keyboard layout – like Dvorak or Colemak
  • Block unauthorized communication
    • Block the exfiltration attempt
    • Firewall rules/monitoring
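
Added example (not part of the original lesson): a default-deny egress check of the kind the "Firewall rules/monitoring" bullet describes, run over a few constructed host-firewall log lines. The log format, the process names and the allowlist are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample log; the line format is hypothetical, not a real product's.
SAMPLE_LOG = """\
2024-05-01T10:00:01 OUT proc=chrome.exe dst=93.184.216.34 dport=443 bytes=5120
2024-05-01T10:00:07 OUT proc=svchost.exe dst=10.0.0.5 dport=53 bytes=80
2024-05-01T10:01:00 OUT proc=kbhelper.exe dst=203.0.113.50 dport=587 bytes=2048
2024-05-01T10:06:00 OUT proc=kbhelper.exe dst=203.0.113.50 dport=587 bytes=2051
2024-05-01T10:11:00 OUT proc=chrome.exe dst=198.51.100.7 dport=21 bytes=900
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) OUT proc=(?P<proc>\S+) dst=(?P<dst>\S+) "
    r"dport=(?P<dport>\d+) bytes=(?P<bytes>\d+)$"
)

# Assumed policy: which programs may connect out, and on which ports.
EGRESS_ALLOWLIST = {
    "chrome.exe": {80, 443},
    "svchost.exe": {53, 123},
}

def parse(log_text):
    """Yield (process, destination, port, bytes) for each well-formed line."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield m["proc"], m["dst"], int(m["dport"]), int(m["bytes"])

def unauthorized_egress(log_text, allowlist=EGRESS_ALLOWLIST):
    """Default-deny: report every outbound flow the allowlist does not permit."""
    findings = defaultdict(lambda: {"connections": 0, "bytes": 0})
    for proc, dst, dport, nbytes in parse(log_text):
        if dport in allowlist.get(proc, set()):
            continue  # explicitly permitted program/port pair
        entry = findings[(proc, dst, dport)]
        entry["connections"] += 1
        entry["bytes"] += nbytes
    return dict(findings)

if __name__ == "__main__":
    for (proc, dst, dport), stats in unauthorized_egress(SAMPLE_LOG).items():
        print(f"BLOCK {proc} -> {dst}:{dport} "
              f"({stats['connections']} connections, {stats['bytes']} bytes)")
```

The check flags both an unknown program sending mail-port traffic and a known program using a port it was never allowed, which is why the allowlist pairs programs with ports rather than listing programs alone.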