In February 2005, Joe Lopez, a businessman from Florida, filed a suit against Bank of America after unknown hackers stole $90,000 from his Bank of America account. The money had been transferred to Latvia.
An investigation showed that Mr. Lopez’s computer was infected with a malicious program, Backdoor.Coreflood, which records every keystroke and sends this information to malicious users via the Internet. This is how the hackers got hold of Joe Lopez’s user name and password, since Mr. Lopez often used the Internet to manage his Bank of America account.
However the court did not rule in favor of the plaintiff, saying that Mr. Lopez had neglected to take basic precautions when managing his bank account on the Internet: a signature for the malicious code that was found on his system had been added to nearly all antivirus product databases back in 2003.
Joe Lopez’s losses were caused by a combination of overall carelessness and an ordinary keylogging program.(Source)
Now let me explain what is keylogger?
Keylogger can be a small piece of software or hardware which records every keystroke and it monitor all the activities of the user. They can be programmed in any programming language such as C, C++,VB, VB.NET, JAVA etc. the simple coding to record all the keystrokes is available in almost every programming language. So this programming skills can be used to send the keystrokes and the website where those keystrokes are used through an an email to the attacker. So all the information of Victims Computer can be sent through just a very small piece of software to the attacker who can use that information anytime he wants.
Types of Keyloggers.
There are two types of keyloggers one is programmed Software keyloggers and other is Hardware keyloggers.
1. Software Keyloggers: Software keyloggers are programmed keyloggers which are written in some programming language to record all the keystrokes with the website or software name which we are using. For Example: If we are buying products online and we are entering Credit Card, Internet Banking details on our banking website and if keylogger is installed on our PC/Laptop then it will email the information we enter in the webpage of banking website and hacker can use that details to transfer or use your money for his shopping. Most of the Paid Antivirus software's can trace keyloggers but smart hacker can remove the Antivirus Signature from the keylogger so it can not be detected by the Antivirus Software. Because Nothing is Impossible. Govt of some countries also use keyloggers to trap the victims and because of that Antivirus Companies do not detect the keylogger software's Govt's use. Basically keylogger softwares are hidden from the taskmaneger because they are programmed to steal the information and the existence of the keylogger can be hided very easily with just 2-3 lines of code.
How to be safely enter credit card/online banking details online?
Now the question is for a layman person its nor possible to detect if his/her computer is infected by any keylogger or not. Because most of the people use pirated Windows and they cant even take assistance from Microsoft, and the guys who installs windows can also install trojans or keyloggers on your computer to steal your information. So if you ahve any doubt that your PC/Laptop is infected then you can use virtual keyboard which is present on almost every online banking website and we can also use on screen keyboard utility which is present in almost all Windows Operating systems which also use mouse to press keystrokes, because we need to press the buttons from the mouse and we don't need to press keystrokes so our information is not recorded.
There is a special case if smart keylogger is transmitting every screenshot of our PC to attacker then attacker can easily get details through that screenshots too but its very bad technique because every screenshot will be in the form of image and uploading every image after 1 sec means 60 images per minute is very tedious work which will slow down the internet of the victim. But if attacker knows that the victim has an internet with very good speed then the attacker can use that method too. Nothing is safe.
2. Keylogger Hardware: There is an another way of recording keystrokes using a special hardware which saves all the keystrokes in separate memory and that information then can be used anytime.
.jpg)
.jpg)
Keyboard Hardware :A special hardware is installed on the back of the CPU cabinet prior to the PS/2 adapter of the keyboard as shown in the figure and that hardware records the keystrokes pressed by the user. Cyber Cafe owners use such kind of unethical things to steal the user information of their clients.
USB Keyloggers: There is an another way of recording the keystrokes usiing a USB stick. USB stick stores each keystroke of the user and then saves all the keystrokes USB memory and later that keystrokes can be seen by the attacker to steal the personal information or banking details of the victim.
Never ever use E-Banking in Cafe, Hotels, or Shopping Malls they can also steal our keystroke information through their internet using sniffers which keeps track of every data packet sent and received.
No comments:
Post a Comment