Keylogger

Definition

Malware recording keystrokes to steal credentials/payment info.

Technical Details

A keylogger is a type of surveillance software or hardware that records every keystroke made on a keyboard. This can be done through software installed on the victim's device, which captures keystrokes and often stores them in a log file, or through hardware devices that intercept the keyboard's output signal. Keyloggers can operate in stealth mode, making them difficult to detect, and can be used to capture sensitive information such as usernames, passwords, credit card numbers, and other private data. They can be part of a broader malware suite and may utilize techniques such as rootkits to hide their presence.

Practical Usage

Keyloggers are often used by cybercriminals for malicious purposes, such as stealing sensitive information from individuals or organizations. They can be deployed through phishing attacks, malicious downloads, or as part of bundled software. In some legal contexts, keyloggers may be used by employers to monitor employee activity or by parents to supervise children's online behavior. However, the use of keyloggers raises significant ethical and legal concerns, particularly regarding privacy rights.

Examples

• A cybercriminal sends a phishing email containing a link to a malicious website that installs a keylogger on the victim's computer, capturing their banking credentials as they log in.
• An employee unknowingly installs a keylogger bundled within a free software download, allowing an attacker to capture sensitive corporate login details.
• A parent uses a keylogger to monitor their child's online activities, capturing keystrokes to review messages sent via social media platforms.

Related Terms