
Keyloggers - How They Steal Your Passwords


A keylogger is a type of malware that secretly records keyboard input. There are software-based and hardware-based types; software-based keyloggers are distributed by embedding them in Trojan horses and the like. The recorded data is sent to the attacker, who uses it to steal confidential information such as passwords and credit card numbers. Since 2024, cases in which keylogger functionality is embedded as part of information-stealing malware (infostealers) have been increasing.

How Keyloggers Work

Software-based keyloggers hook into the operating system's keyboard input API and record every keystroke. Advanced ones also capture screenshots and monitor the clipboard. Hardware-based types are small devices physically inserted between the USB connector and the keyboard, and they are especially dangerous because they cannot be detected by software.

Real-World Use Cases

"As a result of the forensic investigation, a software-based keylogger was detected on the infected device. The keystrokes from the past two weeks had been sent to an external server, and we are currently changing the passwords of all affected accounts."

Concrete Damage Scenarios

A typical scenario is one in which a hardware-based keylogger is planted on a shared PC in a hotel business center or an airport lounge. When a business traveler logs in to their email or online banking, all of their credentials are recorded. Cases of downloading software-based keyloggers disguised as free software are also frequent. In corporate environments, there are also reported cases of insiders planting keyloggers on colleagues' PCs to steal confidential information.

Practical Countermeasures

Using the auto-fill feature of a password generation tool can keep keyboard input to a minimum. The auto-fill feature of a password manager is also an effective countermeasure. Avoid entering passwords on public PCs. By setting up two-factor authentication, you can prevent unauthorized logins even if your password is leaked. If you have no choice but to use a shared PC, we recommend changing all of your passwords after use.
