A keylogger is a software or hardware that is capable of logging a user’s keystrokes on a computer. With such a logger, it is possible to obtain confidential data or spy out passwords.
What is a keylogger?
Keylogger is sometimes also called as a keystroke logger. Such a logger can be implemented either in the form of software or hardware. It is able to record all keystrokes and monitor a user, obtain confidential data or spy out passwords, PINs, and access data. Hackers, government intelligence agencies, and investigative authorities are the main users of this software or hardware.
The logger stores the recorded data either locally on a hard disk, directly in its hardware, or transmits it to a remote server via a network connection. Depending on the variant of the keylogger, it records all data or selectively selected keystrokes. Intelligent algorithms ensure that only relevant data, such as passwords, is selected for selective recording. Many keyloggers distribute themselves over the Internet as malicious code and install themselves unnoticed on the respective target system.
Software-based keyloggers work between the operating system and the keyboard driver of a computer. They take keystrokes directly from the keyboard driver and send them to both the operating system and the keylogger. Depending on the type, they either store the acquired data locally on the hard disk or forward it to a specific address on the Internet or network.
Software-based loggers are the most common form of keyloggers. They are often part of extensive malware designed to compromise a computer or user, which installs itself on a computer unnoticed. Also possible are loggers that are designed as an instance or an add-on software of a browser. They are able to record all input in browser windows.
Hardware-based keyloggers are small physical devices to be mounted between the keyboard and the computer. This requires physical access to the computer. For example, the logger can be equipped with a USB interface on both sides and act as an intermediate plug between the keyboard and the computer’s USB socket. It has an integrated memory in which it collects all recorded data.
Evaluation of the logger is possible either by removing the device and attaching it to another computer or via special software on the monitored computer itself. Some of the hardware keyloggers have their own wireless interface and send the data to a target system via WLAN or Bluetooth. Hardware keyloggers can be used very flexibly, as they work completely independently of the installed operating system.
Legal regulations regarding keyloggers
Keyloggers may not be used in Germany without consent. Anyone who does so nevertheless is liable to prosecution under §202a of the German Criminal Code for spying on data. If a logger is used on a company computer, both the consent of the works council and the information of the user is required.