Tuesday, November 6, 2007

Avoiding Keyloggers

First things first! Always try to avoid accessing your online accounts from public computers (cyber cafes…etc). With all the keyloggers that may be stuffed in public computers, they pose a serious security risk to users. Keyloggers mean not just trojans, but commercial keyloggers as well.

What are keyloggers ?
Key Loggers are software or hardware tools to that captures the user’s keystrokes from keyboard. It can be useful to determine sources of error in computer systems and is sometimes used to measure employee productivity on certain clerical tasks. However, keyloggers are widely available on the Internet and can be used by private parties to spy on the computer usage of others hence stealing users private data.

Aim of this post on keyloggers
Our aim here is to confuse the keylogger by making it log some gibberish instead of our valid password. Off course, this is not completely foolproof though. Nothing is foolproof on the net. We only have to make it harder for thehacker.
(Note: These are tips I personally follow. If you have better ones, let everyone know by commenting here.)

Types of Key Loggers
We’ll be dealing with two types of keyloggers; software and hardware keyloggers.
Software keyloggers on the other hand are much more complex and hence difficult to deal with. Most of them record keystrokes, mouse events, clipboard activity..etc. So our best bet is to scramble the keystokes smartly.
Hardware keyloggers are much easier to detect. They are mostly attached between the keyboard and the CPU. A manual inspection should be enough in most cases.

How to confuse and avoid the software keyloggers ?
Let’s say we have to enter a password ‘jazz’.
Click the password box, type any random key. Select the entered random key with the mouse and type j. So we entered the first letter of the password.
Click the password box, type a random key. Again click and type a random key. Select the last two letters with your mouse and type the next valid key of your password.
In this case we managed to enter 2 unwanted characters as against one in the first step.
Continue in a similar way to finish typing thepassword. You can choose any number of random characters between your password.
So the keylogger will log something like:[click]b[click]j[click]g[click]m[click]a[click]v[click] z[click]t[click]c[click]z
Note how we used unwanted mouse clicks so that a mouse click is recorded before the random letters also. You can also experiment entering the password in the reverse order, infarct any order.
This method can be used for entering the username too, since most banks have account numbers as username. If you are suffering from some keylogger phobia, use this technique while typing the url too.

Another way is utilizing the browser’s search bar or address bar to camouflage the password.For eg. Click the password box and type a letter of the password. Now click the browser’s address bar or search bar and type some unwanted letters. Alternate between the password box and address/search bar till you finish. The result will be the same as the former method.

How to find the hardware keyloggers ?
Hardware key loggers are easy to find. They are devices which is attached in between keyboard and cpu junction. If you are really suspicious about them just check the back side of cpu and find if something is fishy. The images will give you a better idea.

Feeling secure? Well, this sort of stuff may not work against the really smart keyloggers. Yeah, the one’s that also take a screenshot when a keystroke or mouse event is detected.There’s is a solution for that too, but it is cumbersome. Take a Live CD of any of the Linux distributions. Insert and use ( and hope Linux will detect the hardware so you can start surfing; I have read Ubuntu Linux is good.). Even if you can successfully access from the Live CD, don’t forget to use the above tips to workaround the hardware keylogger.

Again as I mentioned in the beginning, always try to avoid dealing with confidential data from Public Computers. What are the precautions you take? Do you know a better technique? Feel free to comment….

3 comments:

Anonymous said...

I would like to add only that hardware keyloggers are easy to detect if you suspect that the kind of keylogger may be installed, but if you do not have any suspicion, they are impossible to detect by any software means. Such a device may be installed into your keyboard for example and if you don't assume there's a keylogger you'll be doomed to loose your sensitive data and no software can actually counteract. The advice not to deal with confidential data from Public computers is extremely up-to-date. But there's a means to protect your personal computer from keyloggers. I faced the problem of keyloggers and conducted a kind of research, tried to find some anti-spyware that would fight keyloggers effectively. The reliability was really important to me. I must say the task appeared to be difficult as the keylogging industry is developing very fast, there's a possibility to come across a custom built keylogger that was designed to monitor exactly your computer and perform specific functions. The measures of counteraction are lagging behind, though I managed to find some pretty effective software: Spyware doctor, Spysweeper, Ashampoo antispyware as an example. They of course cannot protect from hardware keyloggers, but at least they will provide a considerable protection against software keyloggers. I should also say that my home computer and our company computers are protected by PrivacyKeyboard. That was my luckiest finding. Fotunately due to this software we do not have to apply any methods of hiding passwords and etc. The protection is vital for us that's why we were scrupulous while testing this program. It seemed worth installing. PrivacyKeyboard besides blocking main keylogging activity also prevents keyloggers from taking screenshots and even offers a protection against hardware keyloggers, there's a virtual keyboard and harware keyloggers do not capture data entered with its help. Of course future will make the problem of keyloggers urgent again, but for now we have decided this isssue.

sannabasavana gowd said...

Can i use copy/paste method to type password? Like open an existing text file which has all characters, then copy and paste the password characters to the Password Box.

Will Software Keylogger record monitor pasted characters?

Anonymous said...

http://kyps.net is a solution for password entry on internet cafe computers.

Google