In this part of iolo’s ongoing series exposing malicious software, we take a closer look at how to detect and prevent keyloggers.

Malicious Keyloggers

With iolo’s Security Spotlight series, you can read about the various malicious programs that infect computers, destroy data and steal personal information, and get some valuable pointers on how to protect yourself.

Knowledge is power—knowing more about what the high-tech vandals are up to can give you a powerful defense against their tactics. Guard against online threats by staying vigilant against keylogging, a stealthy technique employed by cybercriminals to capture sensitive information.

This part of the series takes a closer look at a stealthy type of malware often used in financial cybercrimes, keyloggers.

What is a keylogger?

A keylogger, also called a keystroke logger, captures all of the keystrokes you make on your keyboard. A criminal can see your passwords, bank account information, credit card numbers, personal email and instant messaging conversations—any and every thing that you type is covertly captured.

How it works is that as you type, all of your keystrokes are saved to a small file that is then silently sent to an email address, web site or waiting server. The hacker can then sift through the data, pull out all the private information needed to access your financial accounts and begin the theft.

A little history
Early keyloggers were designed for legitimate monitoring purposes, such as for parents wishing to track their children’s computer activity (and legitimate keyloggers—software that is intentionally and knowingly installed—are still in use today). However, it didn’t take long for criminals to see the potential of this technology; malicious keyloggers first began to appear in the early 1990s.

Keyloggers of today
Today’s malicious files are more and more often being designed with a profit motive, and keyloggers are a perfect example of this growing trend—the creators of modern keyloggers don’t want to destroy data or cause havoc; they just want to steal money.

Some infamous keyloggers

  • From 2005 to 2006, a large criminal ring in Brazil captured people’s bank user IDs and passwords through the use of keyloggers. Before the group of 55 thieves was caught and arrested, an estimated $4.7 million was stolen from 200 different accounts.

  • In 2005, Joe Lopez, the owner of a small computer supply company in Florida, sued his bank after hackers stole $90,000 from his business account through the use of a keylogger. Initially the bank refused to return the stolen money, asserting that the theft was due to a security breach of Lopez’s computer, not the bank’s. The case was eventually settled out of court.

Where do keyloggers come from?

To install keyloggers, cyber criminals typically exploit the tools we use to communicate over the web: email, instant messaging and social networking sites are the most common ways these malicious programs are distributed. The thieves send attachments or links that, if clicked, install the keylogger. Keyloggers are also often hidden inside of malicious trojans—and it’s easy to be tricked into installing a trojan because it disguises itself as program that serves a beneficial purpose. (Click here to read more about trojans.)

Another common source of keylogger infections are peer-to-peer (P2P) file-sharing networks. These networks allow users to share their own digital content and download the content of others, but unfortunately hackers often use P2P networks to “share” keyloggers and other malware that appear to be useful but in reality are very dangerous.

What do keyloggers do?

Keyloggers are designed to steal—your login credentials, your personal data, and ultimately your money. Once your name and login information are known, it’s easy for hackers to begin the theft; keylogger-based crimes typically involve setting up wire transfers from people’s back accounts or making online purchases with stolen credit card numbers.

While other types of malware can waste system resources, conflict with valid programs and generally just slow your PC down, keyloggers are much more stealthy and are designed to hide themselves unobtrusively: you can’t tell when a keylogger is installed. The infiltration may only be discovered when mysterious charges appear on your credit card or your bank account is emptied.

How you can protect yourself

  • Think before you click. Many keyloggers are sent through email, social networking postings and instant messages. And the more sophisticated criminals know better than to use an unknown name—often these malicious messages will arrive under the guise of someone you know. Avoid the temptation to be “click happy”: think before you click and if anything looks a little off, check with your contact to make sure they sent it to you.

  • Be cautious of peer-to-peer sites. There are dozens of file-sharing networks out there that offer free access to files. And every one of them is full of keyloggers, viruses and every other form of malware that exists. Either avoid these sites or use them with caution: you’re not getting something for free if your bank account ends up getting wiped out.

  • Use anti-malware software. Even with the most diligent preventative measures, malware can still find its way onto your computer. Install and run anti-malware software and turn on the program’s “real-time” feature: this will detect and block a keylogger from sending information from your computer.

How System Shield® can protect you

iolo’s System Shield® protects your PC from all types of malicious files: keyloggers as well as dozens of other types of malware. Some highlights of System Shield:


 Flexible options for scans System Shield’s malware scans can run automatically when your computer isn’t being used—you don’t have to think about it—and you also can run scans whenever you want to: a smart choice for after you download files.

 Automated protection 2 ways 

For total peace of mind, System Shield offers two automated protection features:

  • Real-time is an invisible form of protection that runs quietly behind-the-scenes to check files as they’re opened, changed, moved, copied, and saved—a critical defense against malware silently making changes to your PC.

  • Email protection automatically scans email messages and attachments before they’re received or sent—both you and the people you communicate with are protected.

 Safe quarantine System Shield’s Quarantine is a safe holding area that gives you total control over suspicious files. The Quarantine prevents infections from causing any damage, but still allows you to keep the files you know are safe.

 Up-to-date malware definitions  Old definition files can’t protect you against the most recent attacks—and the criminals come up with newly designed malware every day. System Shield updates its definitions in real-time as threats emerge, sometimes even 8-10 times in a single day, based on the latest research from iolo Labs.