Search Our Knowledge Base
Keyloggers: Detectors, PC Monitors, Keylogger Software, What Is a Keylogger
What Is a Keylogger?
Keyloggers or keystroke loggers are software programs or hardware devices that track the activities (keys pressed) of a keyboard. Keyloggers are a form of spyware where users are unaware their actions are being tracked. Keyloggers can be used for a variety of purposes; hackers may use them to maliciously gain access to your private information, while employers might use them to monitor employee activities. Some keyloggers can also capture your screen at random intervals; these are known as screen recorders. Keylogger software typically stores your keystrokes in a small file, which is either accessed later or automatically emailed to the person monitoring your actions.
How Does a Keylogger Get on Your Computer?
A keylogger can be installed on your computer any number of ways. Anyone with access to your computer could install it; keyloggers could come as a component part of a virus or from any application installation, despite how deceptively innocent it may look. Some additional ways in which keyloggers can be installed on your computer can include:
- Malware downloads: Keyloggers can be embedded in malicious software downloads, such as pirated software or fake antivirus programs.
- Phishing emails: Keyloggers can be attached to phishing emails and installed on a computer when the user opens the email attachment.
- USB drives: Keyloggers can be installed on USB drives and then plugged into a computer to install the malware.
- Remote access tools: Keyloggers can be installed on a computer using a remote access tool, such as TeamViewer or AnyDesk.
This is part of the reason why you should always be sure you’re downloading files from a trusted resource.
Remote - access software keyloggers can allow access to locally recorded data from a remote location. This communication can happen by using one of the following methods:
- Uploading the data to a website, database or FTP server.
- Periodically emailing data to a predefined email address.
- Wirelessly transmitting data through an attached hardware system.
- Software enabling remote login to your local machine.
Additional features that some software keyloggers come with can capture additional information without requiring any keyboard key presses as input. They include:
- Clipboard logging – Anything that can be copied to the clipboard is captured.
- Screen logging – Randomly timed screenshots of your computer screen are logged.
- Control text capture – The Windows API allows for programs to request the text value of some controls, meaning that your password may be captured even if behind a password mask (the asterisks you see when you type your password into a form).
- Activity tracking – Recording of which folders, programs and windows are opened and also possibly screenshots of each.
- Recording of search engine queries, instant message conversations, FTP downloads along with any other internet activities.
Hardware-based keyloggers can monitor your activities without any software being installed at all. Examples of these include:
- Keyboard hardware - These loggers take the form of a piece of hardware inserted somewhere between the computer keyboard and the computer, typically along the keyboard's cable connection. There are of course more advanced implementation methods that would prevent any device from being visible externally. This type of hardware keylogger is advantageous because it is not dependent on any software nor can it be detected by any software.
- Wireless keyboard sniffers - It is possible for the signals sent from a wireless keyboard to its receiver to be intercepted by a wireless sniffer.
- Keyboard overlays - Overlays are popular in ATM theft cases where thieves capture a user's PIN number. This device is designed to blend in with the machine so that people are unaware of its presence.
How Can I Detect and Remove a Keylogger?
There are a variety of ways to detect a keylogger, though none are a catchall, so if you have reason to suspect your computer has a keylogger, we recommend trying a variety of these tactics:
- Use a security scanner: A security scanner can be used to scan your computer for malware, including keyloggers.
- Check for suspicious processes: You can use Task Manager to check for suspicious processes that are running on your computer. Suspicious processes may have names that you are not familiar with or they may be using a lot of CPU or memory.
- Look for unusual activity: If you notice any unusual activity on your computer, such as your cursor moving on its own or your browser opening new tabs automatically, this could be a sign that a keylogger is installed on your computer.
- Change your passwords: If you think that your computer may be infected with a keylogger, you should change all of your passwords immediately.