A keylogger is basically spyware. As its name indicates, it “logs” or records your keystrokes. When you type in your username or password, this information is logged and made available to the hacker. Keyloggers can be either physical or software-based, the latter being more difficult to detect.
A keylogger can work in several different ways:
• Each keystroke is recorded and immediately dispatched to some remote listener over the internet.
• Keystrokes are collected in a temporary file, which is then periodically uploaded to the author’s location over the internet.
• The keystrokes are collected in a temporary file, but much like a spam bot, can listen for and receive instructions from the author. The logger could thus upload the collected information when requested.
• The collected keystrokes might never be uploaded at all. Instead, if someone has remote access to your machine, or even physical access to your machine, they could simply come by and copy the information manually.
• Finally, the information may not even be kept on your machine. There are hardware keyloggers that include a little flash memory and can be quickly inserted in between keyboard and computer to capture all the data. After installing, the person behind it stops by and picks up the device containing all your information.
There are two basic methods for bypassing keyloggers, both of which involve confusing the logger with random keystrokes. The first, for when you need to enter a username or password, is to insert irrelevant numbers and letters at random between the real characters. Once entered, just select the random bits with the mouse and delete them before logging in. The second is for fooling keyloggers that capture all keystrokes and not just those typed in the password box. Type your info in scattered pieces across the browser and search bars, mixed with random numbers and letters. When you wish to log in, simply copy and paste the relevant bits into the log-in boxes. Another option, on-screen keyboards, will be explained in a later chapter.
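The first method above, modelled as an added example (not part of the original article): it simulates a login field alongside a logger that sees keyboard events only, and compares what each ends up holding. The function names, the `<DEL>` token and the sample password are constructed for illustration.

```python
import random
import string

DEL = "<DEL>"  # constructed token for a logged Delete key press


def enter_with_chaff(secret, rng, max_chaff=3):
    """Type `secret` with random chaff before each character, then remove the
    chaff by mouse selection plus Delete. Returns (field_text, keylog)."""
    alphabet = string.ascii_lowercase + string.digits
    field = []    # (char, is_chaff) pairs in the order they sit in the field
    keylog = []   # keyboard events only; mouse actions never appear here
    for ch in secret:
        for _ in range(rng.randint(1, max_chaff)):
            c = rng.choice(alphabet)
            field.append((c, True))
            keylog.append(c)
        field.append((ch, False))
        keylog.append(ch)
    # Clean-up: each run of chaff is selected with the mouse (not logged) and
    # removed with one Delete press (logged, but without the selection range).
    cleaned, in_run = [], False
    for c, is_chaff in field:
        if is_chaff:
            if not in_run:
                keylog.append(DEL)
            in_run = True
        else:
            cleaned.append(c)
            in_run = False
    return "".join(cleaned), keylog


def typed_chars(keylog):
    """Printable characters in the log, in the order they were typed."""
    return "".join(k for k in keylog if k != DEL)


def is_subsequence(needle, haystack):
    """True if the characters of `needle` occur in order inside `haystack`."""
    it = iter(haystack)
    return all(ch in it for ch in needle)


if __name__ == "__main__":
    secret = "hunter2"  # constructed sample password
    field_text, keylog = enter_with_chaff(secret, random.Random(7))
    print("field submits :", field_text)
    print("logger records:", typed_chars(keylog))
    print("real characters still present in order:",
          is_subsequence(secret, typed_chars(keylog)))
```

The field submits the real password while the log holds a longer padded string, but the real characters still appear in order inside that string, so the padding obscures the password rather than removing it from the log.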
You can also use KYPS, a reverse proxy server that takes a password and encrypts it into a one-time code, printed from the KYPS web site, that can be used to log into any computer safely. After the KYPS system decrypts the code and logs you in, it deletes the one-time code so that it is no longer valid as a password. KYPS also acts as a normal proxy to protect your browsing history. When browsing, it displays the KYPS URL along with random characters and symbols to maximise security.
The “Work Offline” option shouldn’t be relied on too often. This feature applies only to Internet Explorer, or to whichever application offers it, and it’s not too hard for a keylogger to bypass something so narrow. Also, even if you physically pulled the internet connection wire out of your PC, only the first of the keylogger approaches listed above is rendered harmless. The keylogger can still quietly collect the data and transmit it when a connection is available.
As such, there is no way to be 100% protected against keyloggers; most of the time, what works depends on the specific keylogger. However, you should always remain cautious when entering a cyber cafe.