Sat 10 May 2008
How to Defeat a Hardware or Software Keylogger
Posted by brett under internet, software, tutorial, windows
[8] Comments
A keylogger records keystrokes which is an obvious security threat to sensitive information like your banking password. Some Keyloggers can be very hard to detect as they dont appear as a process and aren’t detected by anti-virus software. Keyloggers work by recording every single keystroke that is entered via keyboard, so a person with access to the keylogger can see those keystrokes including any passwords that were typed. Obviously you don’t want this to happen because it could result in the draining of your bank account.
The goal of this article is to help avoid this happening to you and luckily there are a few simple methods that can be used to defeat a keylogger. Knowing at least one of these methods is critical if you are using a public computer, such as those found at an internet cafe’s which have an extremely high risk of infection with a keylogger of some kind.
Types of Keyloggers?
Keyloggers come in both hardware and software types. A software keylogger can be installed in different ways such as via an infected email message or when installing software, especially software downloaded from the internet. Hardware keyloggers require physical access to the computer and come in both USB or PS2 versions, which look something like this…
On-Screen Keyboard Method of Defeating a Keylogger
This method uses the built in On-Screen Keyboard utility to enter the Password. To bring it up hold the Windows Key + U which will bring up the utility manager, then select On-Screen Keyboard then start. It can also be started by going start –> run and typing osk.exe.
Once the keyboard is up it is just a matter of selecting the password box where you want the password to appear, and entering the password via the On-Screen keyboard. This defeats the keylogger because you are entering the password with your mouse instead of the keyboard, so there are no keystrokes for the keylogger to record.
Scramble The Password Manually
As a security measure many public computers will not have access to the run command and if the Windows+U shortcut is also blocked you won’t be able to run the On-Screen keyboard. If this is the case you can manually scramble the password. This is probably the simplest method will always work.
This is how it works, type say the first 3 characters of the password…
Then click on another window or the desktop and type a few random keystrokes…
Then go back to the login window and finish typing the password…
That’s all you need to do. This method works because a keylogger records all keystrokes, no matter what window is currently selected. For example if your password is “bosco”, you could type “bos” then go to another window and type “111″ then back to password box to finish the password with “co”. The password box will see the correct password “bosco” but the keylogger will see all keystrokes “bos111co”, so that your true password has been scrambled.
Firefox KeyScrambler
Another way of scrambling your password is to use a Firefox extension called KeyScrambler. Obviously you need to be using the Firefox browser to use this method and I can’t vouch for the effectiveness of this method as I haven’t tested it, although I have read accounts of people who have tested it with an installed keylogger and report it to be effective.
Update: it seems that last link to bleepingcomputer.com is broken, so I have reproduced it for you here via Archive.org.
8 Responses to “ How to Defeat a Hardware or Software Keylogger ”
Comments:
Leave a Reply
Trackbacks & Pingbacks:
-
Pingback from Protecting your login information with KeyScrambler | Intrepid.com.au
February 9th, 2009 at 4:27 pm[...] is a reproduction of an article once found at bleepingcomputer.com. I had previously linked to the article but it’s no longer available so I have reproduced it here via [...]
July 1st, 2008 at 10:46 am
This is so simple and so powefull at the same time, so I’m a bitt shamed for not figurig it myself. Anyway, thanks for tips, they are realy effective.
I instaled several keylogers on my system, trying to figure out how to detect them, pass them or dissable them, than came up to this URL, googling for keyloggers.
And I cann’t realise how I was so blind to see those possibilities.
Now, I have another idea:
- type some random text in text editor, but with sence (some bad words for keylogger operator, for example)
- Copy + Paste letters to anywhere you want to place them…
- Enjoy
Greetings from Serbia
July 29th, 2008 at 10:47 pm
well, there are keylogger can break this method because they also log every mouse click.
example your pass is “ABCD”
they still got this in the log:
A adsdfsdasd B asdfasdf C adasdadad D
so the solutions is “auto focus mouse must be enable” before using manual scramble. so we can focus on somewhere in the page without click on it, then doing scramble without click logged.
July 29th, 2008 at 10:53 pm
@Ivan
NO, dont you know that keylogger also log clipboard? your copy-paste method is more dangerous than scramble method.
August 14th, 2008 at 6:02 pm
@Bo Indonesia
There is no copying or pasting mentioned in the article so i’m not sure what you are referring to when you say “NO, dont you know that keylogger also log clipboard? your copy-paste method is more dangerous than scramble method.”
I agree with your first comment though, some keyloggers also track mouse clicks. Your suggestion of enabling auto focus is good as it adds another layer of protection. My understanding however, is that most keyloggers use a “keyboard hook” and track keystrokes only, so the methods in the article would indeed work. But no method can guarantee protection so the methods above merely offer an additional layer of protection. To be truly safe I recommend the following…
1. Use a strong password
2. Change your password regularly
3. Avoid using public computers
4. Make sure windows is fully patched with latest updates.
5. Don’t download cracks and wares of the internet.
6. Periodically perform a clean installation of windows. I know this sounds like a pain but it is the only way to guarantee a clean system. If you use an imaging system like Norton Ghost a re-installation can take less than five minutes.
November 9th, 2008 at 8:22 pm
Have you tried http://kyps.net ? you can login via that to using one-time passwords instead…
November 18th, 2008 at 11:30 am
Bo,
Yours ABCD example is too obivous. Let see you figure out the password with this pattern. “! 23 #4 56 aB cd H e l l o ef G h S u c k e r I 6 7″. The spaces are included for the mouse click as you pointed out. Do you think as a keylogger you would want to spend time decipher such scrambled pattern. I would not. I just move on easier target.
November 18th, 2008 at 4:19 pm
thanks. i have always thought that keyloggers are totally invisible and undetectable, lol. Here are some keyloggers, we can have a test of the article,ha
http://www.keylogger123.com/products.html