To continue reading for free, register below or login
To read more you must become a member of SearchSecurity.com
');
// -->
 |
 |
|  |
RELATED CONTENT
 |
Malware, Viruses, Trojans and Spyware |
 |
Schneier-Ranum Face-Off: Is antivirus dead?
|
 |
Modern malware, stealthy botnets, adapt quickly, expert says
|
 |
Computer worm infections up, scareware antivirus down, Microsoft says
|
 |
Web-based attacks skyrocket, pirating sites surge, security firms say
|
 |
Mini guide: How to remove and prevent Trojans, malware and spyware
|
 |
Kaspersky system analyzes malicious URLs on Twitter for malware
|
 |
Silon malware intercepts Internet Explorer sessions, steals credentials
|
 |
Breach forces payroll service provider PayChoice to shut down again
|
 |
RSA research underscores problem tracking cybercriminals
|
 |
Conficker analysis finds P2P coding limited, less sophisticated
|
|

Having devices and/or software that captures all of your keystrokes and sends them to a malicious third party is a pretty terrifying concept. It's important to keep in mind, however, that there are different types of keyloggers available to attackers. Hardware-based keyloggers, for example, attach between the keyboard and the USB or serial port on the back of a computer. These can be easily detected by tracing the cable from your keyboard to your computer and seeing if there is anything between them.
Software keyloggers, though, can be far more difficult to detect and remove. After all, they are rarely named "evil keylogger.exe" when installed. Often malware, like keyloggers, have names that are similar to other normal processes like svchost.exe, making it difficult to distinguish between a safe process and a malicious one.
I recommend becoming familiar with tools that are generally used for detecting rootkits. Many of the tricks that rootkits use to hide on computers are also used by keyloggers, and keyloggers are often incorporated into various rootkits.
Tools like IceSword, FileMon and F-Secure plc's Backlight utility are great for seeing the internal workings of a system. I would also recommend keeping your antivirus product up to date, since many of the AV vendors have signatures for common keyloggers.
To verify that the malicious code is gone, monitor the network traffic to and from your system with a tool like Wireshark to ensure that the system is not communicating with the attacker.
|