Save your Data from Keyloggers

Welcome to My Bank’s Internet banking.
Enter your userid and password.
Userid: xxxxxxxxx
Password: xxxxxxx
Action = submit.jsp

and you have logged in to the banking application.
Now just go to the following location:
Location:
C:\WINDOWS\system32\config.dll

You will get:
File contents:
08-Aug-08: 08:00: Window title: Welcome to My Bank's internet banking
Userid: xxxxxxxx Password: xxxxxxx

What's wrong:
When you browsed to the banking page and typed in your userid and password to sign in to the bank, a hidden malicious program, called a keylogger or keystroke recorder, was running in the background, logging all your keystrokes and browser interceptions into a config.dll file located in the C:\WINDOWS\system32 folder. This file contains all the keystrokes typed in: the window title and everything typed into that window, along with a few other details. The file is then sent to the attacker's FTP site or email address.
These keyloggers are easily and freely available on the internet, and many of them are undetectable for a normal computer user. So your chance of being infected by such malicious code, even if you have an updated antivirus/anti-spyware program, is about 70%. Look on the brighter side: you are still 30% safe.
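
A defensive check for the artifact described above, added here as an example and not part of the original post: it lists files with a .dll extension that are not real PE images, which is what a text keystroke log named config.dll would be. The function names, the 0.9 text threshold and the demo files are assumptions constructed for illustration.

```python
import os
import struct
import tempfile

def is_pe(data: bytes) -> bool:
    """True if data starts with a DOS 'MZ' header that points at a 'PE\\0\\0' signature."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)  # offset of the PE header
    return data[e_lfanew:e_lfanew + 4] == b"PE\0\0"

def printable_ratio(data: bytes) -> float:
    """Fraction of bytes that are printable ASCII or tab/CR/LF (0.0 for empty input)."""
    ok = sum(1 for b in data if 32 <= b < 127 or b in (9, 10, 13))
    return ok / max(len(data), 1)

def find_fake_dlls(folder: str, sample: int = 4096):
    """Return [(name, reason)] for *.dll files in folder that are not PE images.

    Assumes the PE header lies within the first `sample` bytes of a real DLL."""
    findings = []
    for name in sorted(os.listdir(folder)):
        path = os.path.join(folder, name)
        if not name.lower().endswith(".dll") or not os.path.isfile(path):
            continue
        try:
            with open(path, "rb") as fh:
                head = fh.read(sample)
        except OSError:
            findings.append((name, "unreadable"))  # locked or access denied: review by hand
            continue
        if not is_pe(head):
            findings.append((name, "text" if printable_ratio(head) > 0.9 else "non-pe"))
    return findings

def build_demo_folder() -> str:
    """Constructed sample data: a minimal PE-shaped stub and a text log named like a DLL."""
    folder = tempfile.mkdtemp()
    stub = bytearray(0x84)
    stub[:2] = b"MZ"
    struct.pack_into("<I", stub, 0x3C, 0x80)
    stub[0x80:0x84] = b"PE\0\0"
    with open(os.path.join(folder, "real.dll"), "wb") as fh:
        fh.write(bytes(stub))
    log = b"08-Aug-08: 08:00: Window title: Welcome to My Bank's internet banking\r\n"
    with open(os.path.join(folder, "config.dll"), "wb") as fh:
        fh.write(log)
    return folder

if __name__ == "__main__":
    print(find_fake_dlls(build_demo_folder()))
```

On a real machine, pass the folder to inspect (for example the system32 path named above) to `find_fake_dlls`; a "text" finding is a file to examine, not proof of infection.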

So what can we do:
<1> Use a strong antivirus program with anti-spyware.
<2> A daily or weekly boot scan can reduce the threat of malicious software.
<3> In the past, the foolproof way to bypass a keylogger was a virtual keyboard.

Why did I say that virtual keyboards were foolproof in the past? They can protect your keystrokes, but that was when stealers were simple keyloggers. Whatever keys were typed were captured by the malicious code and logged into a file in plain or encrypted form. This attack can be mitigated by virtual keyboards. A virtual keyboard works simply by clicking keys on an on-screen keyboard layout with the mouse. Basic keyloggers cannot capture the mouse clicks, and hence the passwords cannot be logged.
Malware coders then came up with a new approach: mouse clicks themselves cannot be logged, but their x-y positions can, and these can then be used to work out which keys were clicked from their positions on the web page. In response, people started randomizing the rows of letters on their virtual keyboards.
So malware coders thought: why not take a snapshot of the keys pressed? A screen snapshot of, say, 1 by 1 cm can be taken when a mouse click occurs. The letter present in the snapshot is a letter of the victim's password.
After this discussion, I think that if we use the three tricks given above, the chance of your password being stolen will remain only 10%.


Disclaimer: I don't take responsibility for what you do with this script; it is served for educational purposes only.