Jump to content


Photo

What is the use of keylogger?


  • Please log in to reply
5 replies to this topic

#1 onlyspy

onlyspy

    Member

  • Banned
  • Pip
  • 5 posts

Posted 26 May 2014 - 05:40 AM

Hello webmaster please describe me what is the kelogger software ?

 

Thanks



#2 cnm

cnm

    Mother Lion of SWI

  • Retired Staff
  • PipPipPipPipPip
  • 25,317 posts

Posted 26 May 2014 - 10:05 AM

Keyloggers record your keypresses.  They can steal your passwords and many of them can track your browsing.  It is considered malware unless you have installed it yourself.


Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE

#3 r2d290

r2d290

    SWI Junkie

  • Helper
  • PipPipPipPip
  • 375 posts

Posted 26 May 2014 - 03:00 PM

ops, wrong topic


Edited by r2d290, 26 May 2014 - 03:01 PM.


#4 MalwareEnemy

MalwareEnemy

    Member

  • Helper Trainee (A)
  • Pip
  • 2 posts

Posted 12 March 2015 - 07:31 AM

A keylogger will record the keys you press. This data may then be uploaded back to a C&C server (C&C stands for Command and Control) where the attacker will receive the information.

 

The information may contain your passwords to websites, messages you have sent over a social network, etc. The information is recorded when you press keys.

 

For example, you may open up a program and enter information in a "text box" control. The keylogger may inject into this program to retrieve the information from that text field. E.g. a username and password.

 

Keyloggers can be joint with rootkits. For example, the rootkit will load a driver into kernel mode. It will then use SSDT hooking (32-bit) to protect the keylogger process. The keylogger is in user-mode and records keys. Information is sent too and from the driver in kernel mode to the user mode process. Not only this, but the rootkit may hide the files the keylogger uses, and/or even prevent the process (keylogger process) from being displayed in Process Management software such as: Task Manager.

 

Then, in the end, the sample also connects to a C&C server. When it is directed too by the attacker, it will upload the currently recorded contents of recorded key presses (information on keys you pressed) back to the server. It may even have the ability to record what websites the information was entered on (or programs, also uploading a copy of the program depending on the file size), etc.

 

A C&C server can help do other things such as:

 

- Download more malware

- Update the malware

- List running processes on the system (back to the attacker)

- Upload files (to the server for the attacker to look at)

- Check what Antivirus software is installed (so the attacker is aware)

- Collect other PC information

- List can go on and on...

 

Thank you.


Edited by MalwareEnemy, 12 March 2015 - 07:33 AM.


#5 Budfred

Budfred

    Malware Hound

  • Administrators
  • PipPipPipPipPip
  • 21,466 posts

Posted 12 March 2015 - 11:57 AM

Not all keyloggers fit that description - there is more than one type...


Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"

#6 walterjohns01

walterjohns01

    Member

  • New Member
  • Pip
  • 1 posts

Posted 02 April 2015 - 12:13 PM

Hi, 
 
Actually Keylogger is an advance program designed to extract user's information from victimized computer. Mostly it affects Windows system and no matter which version you are using, it can easily infects Windows XP, Vista, 7 8 and others. Its main activity is to record every keystrokes performed on the system. In this way it can easily collect required information and send them to hackers and they use them for illegal purposes. So everyone should be careful and do not take risk and must take required action to get rid of keylogger that generally belongs to Trojan family. For More Information you can see how-to-get-rid-of-swisyn-aikqw32almanahe-completely-from-system

 

EDIT: To remove advertising link...  Note that we do not allow advertising on the forum and will ban if there are any continued efforts to do so...


Edited by Budfred, 02 April 2015 - 05:18 PM.





Member of UNITE
Support SpywareInfo Forum - click the button