Who's spying on you?

Posted on 5 May 2006 at 10:40

• 
• 
• 
• 

 1 of 4

Gallery

Keyloggers that record your every move online could be installed on your PC without your knowledge. Jon Thompson explains how they work - and how to stop them

Someone, a criminal or a crime investigator, could be watching every move you make on your computer. They don't need cameras or high-tech surveillance gear to do this. All it takes is a tiny little program sitting on your computer, recording every key you tap on your keyboard. These programs, called keyloggers, send back the information they gather to their creator. This is great for society if they're logging a mafia mastermind or al-Qaida cell member, but not so great if the keylogger was created by a criminal wanting your credit card details.

According to an ABC News investigation carried out late last year, keylogging, which is the act of capturing keystrokes to gain private credentials, now plays a part in a third of all computer crime, second only to botnet-based extortion (explained below). As people run their lives from home PCs, bank accounts have started emptying and credit card bills growing.

For some law enforcement agencies, keylogging is fast becoming an important weapon in their arsenal against organised crime and terrorism. Worried parents have also started using keyloggers to check up on their children's online activities. Employers too are free to log the keystrokes you make on their time and on their computers. But it's the risk posed by the illegal use of these practically undetectable programs that causes most harm to the individual. For the fraudster, keyloggers are the high-tech equivalent of looking over your shoulder as you enter your PIN at a cashpoint. Do you know who's watching you as you surf the internet?

WATCHING THEM, WATCHING YOU

According to cyber-security company iDefense, the number of malicious keylogging programs in the wild rose over 65 per cent in 2005 and this year seems as if it will top that by a considerable margin. Best estimates claim there are 6,200 variations on a theme already roaming free in cyberspace. Computers infected with illegal keyloggers watch everything you do. Once triggered they send the keystrokes, including any personal credentials, to a central server for later use or sale.

The distribution of malicious keylogging software usually takes place via virus-infected email attachments, but unpatched browser flaws can just as easily infect a computer simply by the user visiting dubious websites. Online security company SecurityFocus maintains a publicly accessible vulnerability database (www.securityfocus.com) that, at the time of writing, lists 64 security flaws in the latest version of Microsoft's Internet Explorer web browser. Several of these are suitable for deploying code directly on the surfer's computer without their knowledge, and certainly without their permission. Add to this a cavalier attitude about having up-to-date anti-virus and spyware protection, and conditions are ripe for infection and potential financial meltdown. The problem is that without dedicated, up-to-date detection software, keylogger infection is also uniquely difficult to spot.

While botnets involve hackers controlling thousands of unwitting PCs and using them to bombard victims with an onslaught, keyloggers are frugal in their needs. They hide themselves away and just copy every piece of interesting information to an equally hidden file, so their core functionality is surprisingly simple. Some, including legitimate, commercial offerings, can remove themselves from the running process list. But it's when someone starts using the collected data that the real fun starts.