First things first! Always try to avoid accessing your online accounts from public computers (cyber cafes…etc). With all the keyloggers that may be stuffed in public computers, they pose a serious security risk to users. Keyloggers mean not just trojans, but commercial keyloggers as well.
What are keyloggers ?
Key Loggers are software or hardware tools to that captures the user’s keystrokes from keyboard. It can be useful to determine sources of error in computer systems and is sometimes used to measure employee productivity on certain clerical tasks. However, keyloggers are widely available on the Internet and can be used by private parties to spy on the computer usage of others hence stealing users private data.
Aim of this post on keyloggers
Our aim here is to confuse the keylogger by making it log some gibberish instead of our valid password. Off course, this is not completely foolproof though. Nothing is foolproof on the net. We only have to make it harder for the hacker.(Note: These are tips I personally follow. If you have better ones, let everyone know by commenting here.)
Types of Key Loggers
We’ll be dealing with two types of keyloggers; software and hardware keyloggers.
1. Software keyloggers on the other hand are much more complex and hence difficult to deal with. Most of them record keystrokes, mouse events, clipboard activity..etc. So our best bet is to scramble the keystokes smartly.
2. Hardware keyloggers are much easier to detect. They are mostly attached between the keyboard and the CPU. A manual inspection should be enough in most cases.
How to confuse and avoid the software keyloggers ?
Let’s say we have to enter a password ‘jazz’.
1. Click the password box, type any random key. Select the entered random key with the mouse and type j. So we entered the first letter of the password.
2. Click the password box, type a random key. Again click and type a random key. Select the last two letters with your mouse and type the next valid key of your password.
In this case we managed to enter 2 unwanted characters as against one in the first step.
Continue in a similar way to finish typing the password. You can choose any number of random characters between your password.
So the keylogger will log something like:
[click]b[click]j[click]g[click]m[click]a[click]v[click] z[click]t[click]c[click]z
Note how we used unwanted mouse clicks so that a mouse click is recorded before the random letters also. You can also experiment entering the password in the reverse order, infact any order.
This method can be used for entering the username too, since most banks have account numbers as username. If you are suffering from some keylogger phobia, use this technique while typing the url too.
Another way is utilizing the browser’s search bar or address bar to camouflage the password.
For eg. Click the password box and type a letter of the password. Now click the browser’s address bar or search bar and type some unwanted letters. Alternate between the password box and address/search bar till you finish. The result will be the same as the former method.
Subscribe to:
Post Comments (Atom)
-
This video tutorial demonstrates how to easily setup your Raspberry Pi as Android TV A big shout out to KonstaKang for providing a modified ...
-
This video demonstrates how to run Windows XP on Single board computers like RaspberryPi, TinkerBoard etc. Follow commands below to boot the...
-
How to modify BCD when installing a previous version of Windows onto a computer running Windows Vista Installing an earlier operating system...
How to add Wireless capability to legacy printers using Raspberry Pi
This video tutorial demonstrates how to easily add wireless print capablity to your wired legacy printers using your Raspberry Pi. We hav...
No comments:
Post a Comment