A keylogger It is one of the ways of spyware oldest in existence. They began to be used in the 1930s 70 of the last century and, since then, they have been adapted to the different operating systems that have followed. One of the first cases of which there is evidence of its use took place in the middle of the mentioned decade, when the Soviet Union developed a keylogger device that targeted electric typewriters IBM Selectric that were used in American embassies and consulates in Moscow and Saint Petersburg. Once installed, the keyloggers measured changes in the magnetic field of each typewriter as the print head rotated and moved to type each letter. Soviet embassies, wary of this type of threat, continued to use manual rather than electric typewriters to type classified information.
Since then, keyloggers have taken many forms, always with the same goal: record what is typed on a device to obtain confidential information entered by the userHowever, its use is not always fraudulent or the work of cybercriminals. It can also be used by companies to monitor the activities of their employees on company computers, as a means of parental control, or by the owner of a device to detect unusual activity.
In any case, its most common use and the one for which it is known is as spyware. They can be hardware devicesfor example, a USB adapter that plugs into a computer or a PS/2 connector, which keyboards used to connect to computers before USB ports were standardized. Or it may simply be software, a way of malware when it is put to illicit use.
A common software keylogger consists of two files that are installed in the same directory: a file of dynamic link library which performs the recording and a file executable which installs the file DLL and activates it. The keylogger program records every keystroke the user types and periodically transmits the information via Internet for the attacker to access it.
Some keylogging programs may also include features to record other user data besides keystrokes, such as capturing anything that has been copied into the clipboard and take screenshots of the user or a single application.
The latter is what keyloggers do for mobile devices that use a virtual keyboard rather than a physical one. They are not strictly keyloggersbut they are presented under this name and the offer that can be found of this type of spyware is wide.
How to protect yourself from a keylogger
Keylogger software is distributed like other malware: it infiltrates the device through malicious links or attachments and also through exploits or trojansA keylogger runs discreetly in the background as long as the user does not discover and remove it.
To identify if you have one installed on your computer, you need to use an anti keylogger programThis type of software is usually more effective than traditional antivirus against this type of threat, but it is also advisable to maintain some security practices that minimize the impact that this spyware can have.
- Use a firewall to alert you of any suspicious outgoing Internet connections from your computer.
- Use the on-screen keyboard to enter sensitive information.
- Employ password managers so you don’t have to type them in every time you access a service.
- Enable the two-factor authentication or 2FA on all your accounts. This way, even if the attacker has your username and password, he or she will not be able to access your account from your mobile phone without confirming that it is you.