爱污传媒

Skip to Main Content Skip to bottom Skip to Chat, Email, Text

What is a keylogger?

Michael Feder

Written by Michael Feder

Kathryn Uhles

Reviewed by听Kathryn Uhles, MIS, MSP,听Dean, College of Business and IT

Man looking upset with his hands on his head, looking at computer that has been compromised by a virus

A keylogger is a program that monitors device activity by recording every key that is pressed and saving that data to a file.

Sometimes keyloggers can be used for legitimate purposes. For example, high-security employers might use keylogging programs to monitor employee activity around sensitive files. In other cases, organizations might use a keylogger to decrease the risk of data theft.

When used illegally or without the user鈥檚 knowledge, a keylogger is a form of spyware. Covert keyloggers to steal personal information, including payment details, passwords and login credentials.

What are the different types of keyloggers?

Some keyloggers live online; others live directly in hardware and are installed and removed by a hacker. Despite the differences, all malicious keyloggers share a common element 鈥 they can observe, track and report on activity without the device user knowing about it.

API

API keyloggers work by monitoring keystrokes from application programming interfaces (APIs). It basically creates a communication link between two computers. The API allows the devices to 鈥渟peak鈥 with each other, which lets a hacker鈥檚 device receive all keystrokes recorded from the user鈥檚 device.

Form-grabbing

A form-grabbing keylogger is primarily used to record data entered into online web forms. Whenever users enter their personal information into a website鈥檚 form, the keylogger records the data.

Form-grabbing keyloggers often don鈥檛 exist on a user鈥檚 device. Instead, they are typically hidden inside a website鈥檚 code. When a user visits the unsecured website, the form-grabbing keylogger program records keystrokes and delivers the information to the hacker who implemented the malicious code.

Kernel-based

Kernel-based keyloggers work in multiple stages. First, the program will achieve root access 鈥 the authority in a device to carry out any command or access any file on the device鈥檚 hard drive. With this, a kernel-based keylogger will begin tracking a user鈥檚 keystrokes.

These programs remain hidden while extracting information. Even when running, they often don鈥檛 appear in the device鈥檚 task manager application. They鈥檙e also听听since they appear to have full, administrator-level permissions.

Hardware

A hardware keylogger is a physical device capable of tracking a user鈥檚 keystrokes. Sometimes it looks like a camera that can visually register keystrokes. In other cases, it might be built into the keyboard or connected to the computer via USB.

Hardware keyloggers begin work听. Tracked keystrokes are saved to a device, often without the user knowing. To retrieve the saved keystroke files, the hacker usually has to retrieve the hardware from the computer.听Although this isn鈥檛 common, it is important to be aware of.

Acoustic

An acoustic keylogger program records the sound that each key makes when pressed. Since each key makes a slightly distinct sound, it can track which key is pressed based on the noise it makes.

After acquiring the sound files of the keys, hackers will then translate the sounds to identify which keys a user has pressed. Acoustic keyloggers are used less often than other forms of keyloggers since the sounds recorded are sometimes muffled or inaccurate.

What are the dangers of keyloggers?

Keyloggers can be dangerous when used by cybercriminals. If the program is not identified and eliminated, a hacker can steal a lot of sensitive information. While keystroke logging spyware won鈥檛 negatively affect the state of a hard drive, it can easily steal and exploit data before a user knows what鈥檚 happening.

Identity theft

Cybercriminals with access to a user鈥檚 keystrokes also have access to sensitive information, including passwords and bank details. Armed with this information, they can steal a person鈥檚 identity,听, compromised Social Security accounts and emotional stress.

Fraud

Keylogger-based fraud can affect a person鈥檚 identity, finances and even friends and family members. Some hackers use a person鈥檚 keystrokes to send messages to the victim鈥檚 personal contacts, often as part of a听. Other hackers use saved social media passwords to听. With the right bank information, some scammers might go straight for finances.

Cyberstalking

Cybercriminals can also mine information from keystrokes, which results in 鈥 when cybercriminals use the internet to harass, intimidate or bully others. An estimated have experienced some form of online harassment.

Cyberstalking can often begin through an email or a message that feels harmless. The conversation quickly becomes less friendly, though, as cybercriminals continually contact a person even after the individual has asked for interactions to stop. Some cybercriminals will contact the same person through multiple accounts.

How can I protect myself from keyloggers?

It鈥檚 important to give your devices the best chance possible against keylogger programs. This means following the best preventive practices:

  • Keep all antivirus and anti-malware software up to date.
  • Same goes for your device. When your device protection programs release a new update, take the time to upgrade and eliminate any potential vulnerabilities.
  • Stay away from suspicious emails or email attachments. These emails and attachments might contain keylogger programs, sent from cybercriminals who want access to your keystrokes.
  • Store important files in the cloud and regularly back up your files to a secure location.
  • Update firewalls that regularly block keylogger programs and hackers.

How do I remove a keylogger from my device?

If you鈥檝e identified a malicious keylogger program on your device, remove the program as quickly as possible. This is critical to do before the keylogger begins sending your information to one or more cybercriminals.

Start by checking for antivirus or anti-malware software when removing a keylogger from your device. Run your device protection program to determine if your device is infected with any spyware, including a keylogger. Only use trusted sources to download an anti-malware program since some听.

Make sure to uninstall or delete untrusted programs you find. You may also need to remove hardware 鈥 including your affected hard drive 鈥 to fully eradicate the keylogger.

Exercise caution while completing any of the above steps. Keylogger programs can easily hide within other programs and may still be present even if you think you have fully removed them. If necessary, consult an IT expert for advice while attempting to remove a keylogger.

What are the benefits of keylogging?

Keylogging isn鈥檛 always a bad thing. In some cases, it can be used to create transparency and healthy levels of accountability.

Here are some of the benefits of proper keylogging:

  • Monitoring daily commitments 鈥 The amount of time spent on a device鈥檚 application can be tracked to ensure time is managed properly.
  • Reducing theft risks 鈥 Corruption can be caught at the source and minimize the risk that an employee will steal company property.
  • Controlling internet activity 鈥 Parents or guardians can monitor their child鈥檚 internet browsing habits. Employers can also block access to sites that might waste their employees鈥 time.
  • Creating productivity insight 鈥 Some keylogging programs can create reports based on device user habits to help employers make decisions based on where time was spent during a day, week or month.

When used in a business environment, many employers choose to notify their employees of the keylogger so they are aware of tracking programs in place.

How can keylogging be used in a career?

You might use keylogging in several ways, depending on your role. You might, for example, use it in a听cybersecurity position听or in听a career in information technology听(IT), particularly in a role that oversees employee security or productivity.

You鈥檒l likely need to听obtain a degree in technology听for either of these positions. Many aspiring cybersecurity and IT professionals听pursue a degree in cybersecurity听to improve skills in risk management, cloud security, systems administration and other fields.

Cybersecurity and IT education at 爱污传媒

Whether you鈥檙e seeking to gain a basic understanding of cybersecurity and other IT skills, or you鈥檙e a working professional looking to expand your knowledge, 爱污传媒 offers听online course collections,听certificates听and听degrees.

  • CYB/110 Foundations of Security course听鈥 This single course aligns to a Certified Secure Computer User (CSCU) exam with EC-Council. Anyone who passes this class is eligible for a free exam voucher for the EC-Council Certified Secure Computer User industry certification exam. Passing the exam increases your reputation as an ethical and responsible IT professional.
  • 鈥 This course collection can help you prepare to sit for the EC-Council Certified Ethical Hacker (CEH) exam. Topics include the phases of ethical hacking, recognizing weaknesses and vulnerabilities of a system, social engineering, IoT threats, risk mitigation and more.
  • Computer Hacking Forensics Investigator Course Collection鈥 This course collection can help prepare you to sit for the EC-Council Computer Hacking Forensics Investigator (CHFI) certification exam.听You鈥檒l learn about the latest technologies, tools and methodologies in digital forensics, including dark web, IoT, malware, cloud and data forensics.
  • Cybersecurity Digital Forensics Certificate听鈥 Ideal for students with a cybersecurity background, this certificate program covers methods for planning, implementing and monitoring security measures.
  • Associate of Science in Cybersecurity听鈥 The EC-Council and 爱污传媒 teamed up to launch the Associate of Science in Cybersecurity degree and elective courses that align with three EC-Council certification exams: Certified Ethical Hacker (CEH), Certified Network Defender (CND) and Certified Secure Computer User (CSCU).
  • Bachelor of Science in Cybersecurity鈥 This online program teaches skills such as security policies, network security, cybersecurity and more. This degree is also aligned to certifications such as CEH, CND and CSCU.
  • Bachelor of Science in Information Technology听鈥 Learn skills pertaining to information systems, system analysis,听operations and cybersecurity.
Headshot of Michael Feder

ABOUT THE AUTHOR

A graduate of Johns Hopkins University and its Writing Seminars program and winner of the Stephen A. Dixon Literary Prize, Michael Feder brings an eye for detail and a passion for research to every article he writes. His academic and professional background includes experience in marketing, content development, script writing and SEO. Today, he works as a multimedia specialist at 爱污传媒 where he covers a variety of topics ranging from healthcare to IT.

Headshot of Kathryn Uhles

ABOUT THE REVIEWER

Currently Dean of the College of Business and Information Technology,听Kathryn Uhles has served 爱污传媒 in a variety of roles since 2006. Prior to joining 爱污传媒, Kathryn taught fifth grade to underprivileged youth in 爱污传媒.

checkmark

This article has been vetted by 爱污传媒's editorial advisory committee.听
Read more about our editorial process.

Read more articles like this: