A keylogger is a device or program that monitors or records every keystroke you make. Think of it as a form of surveillance. Someone has access to each key you tap, and with that data, that third party could know your usernames, passwords, and more.
Experts say keyloggers pose the greatest threat to organizations, especially those that are small and have several employees that work from home.
Let us explain what keystroke loggers are so you can protect your company from this threat.
What is a keystroke logger?
Hackers want to know what you type, so they can gain access to your assets. This impulse isn't new. Keyloggers have been part of the hacker toolkit for decades.
In the 1970s, the Soviet Union deployed the first keyloggers. The tools measured IBM typewriter print heads to uncover what keys the typists were pressing.
Current keyloggers are slightly more sophisticated, and they measure data rather than ink. But the underlying principle is the same. A hacker uses a tool like this to understand what you've typed before you interface with your target destination.
A hacker could accomplish this through:
- Programming. A hacker alters drivers, or some other part of your computer to send a copy of your keystrokes to someone else.
- Hardware. A hacker supplies an infected keyboard or hands out a plug-in device to capture keystrokes.
- Video. Video of your typing hands could give a hacker information about your keystrokes.
It's somewhat easy to get infected with a keylogger. For example, in 2021, hackers set up a decoy website for a popular utility, and users were encouraged to download what seemed like a software update. Once they did, they were infected with keylogger malware.
Other infection methods include:
- Email. Hackers send suspicious files from innocent-seeming addresses. They may contain infected links, attachments, or both.
- Viruses. Another machine on the network infects nearby devices.
- Stored files. A document or photo on the server is infected. Downloading the item infects the computer.
Once you’re infected, the keylogger can begin data collection. Some take information you type into just one website, while others capture every click and tap. Very sophisticated versions can also see what you copy/paste. And some can take over your camera and microphone too.
How are keyloggers harmful?
Imagine reading every letter you type aloud, and think about all of the sensitive information you'd share with everyone in earshot. You've just outlined the risks of keyloggers.
A bad actor could use a keylogger to:
- Research. A student hoping to save a little money downloaded software infected with a keylogger. That decision let hackers inside a biomolecular research institute, where they stole a week’s worth of data.
- Steal. Hackers sent victims infected email messages. Once users deployed the software inside the notes, hackers gained access to bank accounts and all the money inside.
- Ransom. A woman in New Jersey lost control of all of her social media accounts. Then, hackers sent a demand note.
Consider this an abbreviated list of everything a keylogger might do. In general, anything you unlock with typing is fair game for someone with keylogger access.
What should you do after a keylogger infection?
You won't hear a bell or see flashing lights when keylogger software deploys. Your device likely appears to work normally.
But if your passwords suddenly change or files (and money) go missing, it’s possible you could be infected.
Take these four steps:
- Notify IT. Tell your experts that something is wrong. Follow their instructions carefully.
- Validate. Run antivirus software. Ensure you have the current permissions downloaded and start the program. Some can clean keylogger virus technology out of devices. Validate hardwired USB keyboard connections
- Reboot. Use a startup CD or USB to restart your device. The malware on your operating system shouldn't run in this mode.
- Disconnect. Detach your computer from the internet to ensure you can’t infect other devices on your network.
Walk back through every one of your authenticated sites and change your password. Watch carefully, as a connected hacker may change those credentials back again.
Keylogger prevention checklist
It's much easier to keep a keylogger attack from starting than it is to finish one in progress.
Your prevention steps might involve:
- Automation. Enable automatic form-filling if your system allows for it, and you could give hackers no keys to record. But only allow automation control for software you trust.
- Software. Anti-keyloggers and antivirus tools can keep hackers from deploying code on your device. Keystroke interference tools randomize your work, which makes hacking harder. Just remember you usually can't stop or detect hardware based keyloggers with software.
- Speech. Speaking your phrases and terms can defeat keyloggers, as you won't type much at all.
Remember to surf safely to prevent malware infections of all sorts. Don't tap on links you don't trust, and never deploy anything (like a file) that comes from an email sender you don't recognize.
Hackers use all sorts of tricks to get their victims to engage with their email notes and websites. Sometimes, they even use fear to make you act. Find out more about so-called "scareware" on our blog and how you can protect yourself.
How Keyloggers Work and How to Defeat Them. (2021). Oxford University Press.
MSI Warns of a Malicious Site Lacing Afterburner Overclocking Utility With Malware. (May 2021). PC Gamer.
Ryuk Ransomware Attack Sprung by Frugal Student. (May 2021). Threat Post.
Bizarro Banking Trojan Surges Across Europe. (May 2021). ZD Net.
My Facebook Was Hacked. Instagram and WhatsApp Too. How Did This Happen? (May 2021). NJ.com.