Cybercriminals steal user credentials in several ways. With this lucrative user data, hackers steal funds, confidential information, and even identities.
In many cases, hackers acquire sets of credentials leaked during massive data breaches from the Dark Web, but more targeted attacks are common too.
Some cybercriminals harvest credentials from individuals using keyloggers. Experts believe that keyloggers have taken over from phishing scams to become the hackers number one method for stealing data.
So, what are keyloggers and how do they work?
A keylogger is a software program, or external device, that covertly tracks and logs the keystrokes made on a keyboard.
Despite the obvious ethical questions, keylogger software is usually legal. Some companies use keyloggers to monitor employees, while law enforcement agencies use the technology to keep tabs on suspects.
The trouble is, malicious actors often manipulate the same keylogging software used by legitimate parties to steal personal data. And this software is incredibly easy to get hold of.
Keyloggers bridge the gap between a keystroke and its appearance on a computer screen. Hackers note down usernames and passwords entered by unsuspecting victims and use them to access accounts.
How bad can it be?
There’s no telling how serious the fallout from an attack using credentials stolen with the help of a keylogger can be.
One of the most publicized events took place at the Scandinavian bank Nordea in 2007. After a host of customers fell for an email scam, cybercriminals stole over $1million from client accounts.
Lured in by the fake correspondence, customers thought the bank was advising them to download antispam software. Instead, they infected their computers with a malicious program; a Trojan called Haxdoor.
Haxdoor has a built-in keylogging function that hackers exploited to gain access to multiple accounts. According to Haxdoor’s developers, the software has since been used to carry out similar attacks on other banks too.
You may already be affected. And here’s why
In December 2017, news broke that HP pre-installed hidden keylogger software into hundreds of its laptop models. The software has the potential to record everything typed by users on the computer’s keypad.
In all, a total of 460 models were affected including the Pavilion, EliteBook, ProBook, and Envy ranges. After the revelations surfaced, HP released a patch to remove this potentially dangerous keylogging program.
The keylogging function is part of the Synaptics software used to control the laptops touchpads and helped with debugging. If access to this keylogger fell into the wrong hands the consequences could be catastrophic. But HP isn’t the only culprit.
The popular 104-key Mantistek GK2 Mechanical Gaming Keyboard collects information using a keylogger. In a strange and complicated twist, Chinese export giant Alibaba is the recipient of this data.
Although not a fully-fledged keylogger – the software captures the number of times a user presses each key, not the sequence – it’s still a disturbing example of how companies are using this technology without customer consent.
Top tips for your security
• Never re-use the same credentials over multiple websites. Hackers attempt to access many sites using the same account information in the hope you’ve made that mistake.
• Change your password regularly. If you are the victim of a hack, you might be able to beat the criminals by using a different password.
• Never download an email attachment unless you are sure it’s safe. Read our blog post on targeted phishing attacks.