Ok, now that we have our passwords secured and everyone’s sleeping better at night, how about we talk Keyloggers? I’m fairly certain most everyone has heard of and knows what a Keylogger is. Basically, it is malware designed to record every keystroke made on your computer and either log it (sending it out periodically) or transfer it in real time to the bad guys. Keyloggers are also capable of sending screenshots, recording from your microphone and operating your webcam incognito. Yup, they’re pretty nasty boogers.

Don’t be a victim of identity theft. Learn how to stop hackers from stealing your information with keyloggers.

Netflix accounts get hacked and sold for 25 cents each on the dark web.

Gaming information is being hacked just for the game points or screen name. Twitter accounts are being hijacked just for the account name or followers. These creeps will steal just about anything. They use webcams to capture incriminating images or video and use it to blackmail the victim. Just the fact that there may be some creepy person out there watching and listening to everything I do is enough for me to take action. I’ve read they can and do monitor for weeks or even months before they’re satisfied and move along with all your data. I would think that that must apply to corporations though. I can’t see the added benefit of monitoring a household for that long.

The main purpose of these programs is to steal username and password information for financial accounts. But they can use other account information as well. For instance, Netflix account information is being stolen and put up for sale on the dark net. They can go for as little as 25 cents apiece. Definitely not your high achievers working these scams.
Gamer profiles getting hacked for social status, usernames or game points.

Keyloggers in their own right have legitimate uses as well. For example, they can be used as a parenting application to monitor a child’s usage of the internet, or by businesses to monitor employees. However, for the sake of this blog, I am referring to the bad malware type of Keyloggers. The wiki on keystroke logging can be found here.

Keyloggers come in a variety of flavors. Some can be detected by the simplest of anti-virus software and some may not be detected by anything shy of professional forensics analysis. The toughest of them are those attached to rootkit software, which is software that runs at the root or admin level of your PC with the highest privileges so that it can mask its existence. Note that rootkits in and of themselves are not necessarily malicious. What you have is legitimate software like a keylogger paired with legitimate rootkit software to perform a nefarious activity. That’s when it can be classified as malware. The two pieces separately are harmless.

As stated earlier, and to make a point, not all malicious keystroke loggers are rootkits. Some may no doubt be blocked by your normal anti-virus, some may be blocked by anti-rootkits and others may never be detected at all. So we have to do the best we can with what we’ve got. Determining that proves to be a difficult task as there seem to be no definitive leaders in this realm of malware protection. Add to this all the mixed reviews to be found. It appears to be the most dangerous and least understood of all malwares.
The anti-rootkit and anti-keylogger software companies will boast on what their software blocks and how it does it but they don’t mention those malwares it does not block. And some of the reviews I read by a supposed third party I noticed were actually reviews written by the software maker themselves. I saw one blog by a company talking smack against one of the posters saying he was a SpyShelter employee, could be I guess. I had a hard time placing faith in any of the reviews on the subject.
So how can I decide how best to protect myself with all of these misleading reviews? Well, I think it’s a crap shoot. However, because of the undeniable fact that these malwares do exist, anything protecting you is better than nothing protecting you. You eventually have to place trust in something and hope you never get a rootkit or keylogger. Unfortunately, they say you can’t or shouldn’t run two of the same types of protection software on the same machine as they will conflict with each other (a theory I will put to the test). It seems if you run two or three of them together you might catch the majority of these malware. So how to pick just one, hmm…
Well, I initially attacked this from two directions. First in using anti-keylogger software and the second by encrypting all my keystrokes using a program called a key scrambler or key encryption software. There are a few of these types of applications out there. The one called KeyScrambler is the one I chose and can be found here. If something slips by the anti-keylogger at least your keystrokes will be encrypted when the bad guys (or gals) get it.

I was leaning in that direction until I found out the anti-keylogger software I was looking into was no longer free for the full version of the software. KeyScrambler still has a free version but it only blocks stuff you type into your browser (which for me would cover most of what I would consider sensitive data). They have two pay versions of the software, KeyScrambler Professional for $29.99 for up to 3 PCs and KeyScrambler Premium for $44.99 for up to 3 PCs. Pro covers more applications than the free version and Premium covers more applications than the Pro version. They provide encryption on a per-application basis rather than just encrypting everything out of the keyboard which would make more sense but I guess it wouldn’t be as profitable. Go here to compare the different versions. Depending on your needs you too may find the free version to be satisfactory. However, they do cover a lot of additional applications with the pro and premium. I didn’t find a trial version of the software so I recommend installing the free version to see it in use before making the decision on whether or not to purchase.

The two anti-keyloggers left standing when I was done researching were Zemana Anti-logger and SpyShelter. Both initially started out as free software but both are now premium software with a stripped down free version. Both also include key scrambling which negates the need for two separate applications. So we now have two programs which offer anti-keylogging plus key scrambling, yay. Let’s take a look at both of them.

1. Zemana is priced at $34.95 for 1 year with discounted pricing for 2 and 3 years and/or 3 or 5 PCs. They offer a free 15-day trial if you want to check it out. They offer a scanner function and anti-ransomware protection. The scanner has two modes – a smart scan and a deep scan. I ran the deep scan and it found 5 PUPs (potentially unwanted programs) that were in my downloads folder for over a year and were never picked up by the plethora of anti-malware/virus software I’ve researched. This was impressive. The anti-ransomware feature also was a nice inclusion as this is normally offered as a separate program by itself. They also include an anti-screenshot feature, Webcam protection and microphone protection. Unfortunately, the software blocked keyboard input into Outlook and MS Word. I emailed the company about it and received a 40% discount coupon code, which was a nice gesture, but nothing was mentioned about the problem with Outlook and MS Word. You can read an assessment of their Ransomware software by mrg-effitas here. It received a perfect score of 40 (covering 10 ransomwares), Malwarebytes Anti-Malware scored a 23, Cryptoprevent scored a 20, Hitman Pro Alert scored a 19 and Bitdefender Anti-Ransomware scored an 11.

Zemana antilogger screenshot.
2. SpyShelter is offered at 29€ (or $32.48 USD) for 1 year or 69€ (or $91.73 USD) for a lifetime subscription, yikes. In addition, SpyShelter also offers a free version, here. It’s pretty much the same as KeyScrambler free in that it only works in one of the popular browsers by encrypting keystrokes. They also offer a free trial of the full version for 14 days. The full version comes with a ton of customizable features and a nice GUI to manage it all. I particularly liked that the home screen has nothing but on/off switches for all the features so you can quickly disable something if it’s blocking you. They also include Webcam Protection, Microphone Protection and several other features.
Spyshelter Screenshot
If you still want a free alternative you can also try something like Oxynger Keyshield, which is a good on-screen keyboard type of anti-logger. I personally think the on-screen keyboards that you peck at with your mouse are ridiculously tedious. I would much rather just use KeyScrambler free or some other free key scrambler software. But if you don’t mind the on-screen type, by all means head over to Oxynger; their free software also includes anti-screenshot. You can find them here.
Oxynger Onscreen Keyboard
Overall, my entire adventure into the realms of rootkit and keylogger software was rather disappointing. There’s not a whole lot of information about either subject, and except for a couple of instances (e.g. the mrg-effitas assessment) all the write-ups were years old. Malware is an ever-changing enigma; it needs to be covered in more depth and more accurately and frequently. It’s like the malware community’s hidden secret or something. As far as I’m concerned these two softwares are the only viable solutions out there for anti-keyloggers. Look how many decent anti-virus softwares we have available. There should be a similar market for anti-rootkit, anti-ransomware and anti-keylogger software. I also think it’s about time we have a program come out that covers all the different types of malware and covers it well.
During this research I’ve read several times how anti-Keyloggers aren’t necessary because your anti-virus or anti-malware will protect you. Some of the people in the forums even seem to get resentful or defensive about it. These people are just simply misinformed. I trust what the wiki says about rootkits and Keyloggers over most everyone else’s opinion. Not just because it’s wiki but because I agree with what it says about the severity of this software.
Here’s a real life scenario to back my words. While I was doing my research for this blog I downloaded a test application from SpyShelter to test the anti-keylogging features. I didn’t think much about it until the next day when I loaded up Zemana for more testing and it immediately detected and quarantined the test application. As it should because the test application acts exactly like a malicious keylogger. The program wasn’t even running at the time, Zemana must have found it either by signature or by looking at the code. Either way it found a keylogger and put an end to it. Which is what it’s supposed to do. What was really surprising though was that my main anti-virus (Sophos Home) and my main anti-malware (Malwarebytes Anti-Malware) did not catch this program. I even ran the program while testing SpyShelter and it’s been on my PC for over a day yet never got picked up. So much for not needing an anti-keylogger.
I can tell you without a doubt that having even the best antivirus is not enough. The thing about anti-Keyloggers is that they’re written with one intent, to stop Keyloggers. The software writers can pool all their resources into that one goal rather than trying to fix a dozen different things. They can remain focused on that one goal. I can speak from experience that even when you think you’re adequately protected, along comes the bad man and turns it all to mush. Hopefully the day will come when you can trust one piece of software to stop all forms of malware. In the meantime, we’re stuck henpecking our way through all the different types of protection.
Back three years ago, immediately after I was hacked, I was determined to learn everything I could about protection software and network security as a whole. I read every article I could find on the subjects. To make a very long story short, the two top contenders for best ‘Home Security Suite’ at the time were Comodo and Bitdefender. I first tried one, got hacked, tried the other, got hacked, plus I had Malwarebytes anti-malware the whole time. Even though there was keylogger software found on my machine I never saw a single alarm stating so. That is why I am a big proponent of anti-rootkits and anti-keylogger software. Maybe because they specifically target these malwares, they may also raise some red flags that something malicious is going on.
Hardware Keyloggers, USB Type

Since my goal is to cover all aspects of Network Security I thought I should briefly mention hardware keyloggers. These are physical devices placed between your keyboard and your computer. They also come as a USB dongle device meant to sniff out the signals from a wireless keyboard. A quick physical inspection will rule those out though. They also come in stealthier forms as circuits that are mounted in either the keyboard or inside the computer. These hardware devices are really outside the scope of this blog but I thought I should at least mention them because they do exist.

Hardware Keyloggers PS2 Mouse Connector Type

I hope that I helped clarify a few things and not cause more confusion. These malwares are the most technically advanced malwares out there so of course understanding them may prove difficult. Because of their complexity I plan to revisit this area in a follow-up in future days. Please post any questions, comments, concerns.

Until Next Time
