A key logger is a program that runs in your computer’s background secretly recording all your keystrokes. Once the Key logger logs your keystrokes the attacker can gain access to passwords and other confidential information on your computer. For example, a keylogger can easily obtain confidential emails and sell them to any interested outside party willing to pay for the information.
Keyloggers can be either software or hardware based. Software based Key loggers are the easiest to install, but are also easier to detect. Hardware based Key loggers are more complex and much harder to detect. As far as you know, your keyboard could have a keylogger chip attached and anything being typed is recorded into a flash memory sitting inside your keyboard. Keyloggers have become one of the most powerful applications used for gathering information in a world where encrypted traffic is becoming more and more common.
The more Key loggers become advanced, the more difficult it becomes to detect them. They can pry into a users privacy for months and sometimes years unnoticed. A key logger can collect a lot of information off your computer during that time frame. They can not only obtain passwords and login names, but credit card numbers, bank account details, contacts, interests, web browsing habits, and much more. All this information collected leaves the user in danger of credit card number theft, other valuable information and even identity theft.
A key logger program might be as simple as an .exe and a .dll that is placed in a computer and activated upon boot up via an entry in the registry. Or, the more sophisticated keyloggers, such as the Perfect Keylogger or ProBot Activity Monitor have developed a full line of nasty abilities including:
· Undetectable in the process list and invisible in operation
· A kernel keylogger driver that captures keystrokes even when the user is logged off
· A remote deployment wizard
· The ability to create text snapshots of active applications
· The ability to capture http post data (including log-ins/passwords)
· The ability to timestamp record workstation usage
· HTML and text log file export
· Automatic e-mail log file delivery
Not every key logger is used for illegal purposes. A variety of other uses have surfaced. Keyloggers are used to monitor web sites visited as a means of parental control over children. They have been actively used to prevent child pornography and avoid children coming in contact with dangerous elements on the web. In December 2001, a federal court ruled that the FBI did not need a special wiretap order to place a keystroke-logging device on a suspect’s computer. The judge allowed the FBI to keep details of its key logging device secret (citing national security concerns). The defendant in the case, Nicodemo Scarfo Jr., indicted for gambling and loan-sharking, used encryption to protect a file on his computer. The FBI used the keystroke logging device to capture Scarfo’s password and gain access to the needed file.