Beware of Hardware Keyloggers

LFT — Thu, 10 Aug 2006 23:25:10 -0400

It is not common, but computers can have hardware keyloggers attached to them. If a computer has a hardware keylogger on it, it will be able to record your keystrokes even if you are using a Linux live CD.

There is a solution though. While using an on-screen keyboard will not protect you against software keyloggers, an on-screen keyboard should protect you against hardware keyloggers. So the combination of a Linux live CD and the use of an on-screen keyboard to enter your passwords should protect against both hardware keyloggers and software keyloggers.

The Risk of Hardware Keyloggers in Public Internet Cafes

I suspect that hardware keyloggers are not common in public Internet cafes. It is much easier for Internet criminals to use malicious software to do their work for them remotely. Physical devices attached to the computer increase their chances of getting caught.

While most public computers have spyware, viruses, and trojans, very few have hardware keyloggers. In any case, here are some tips:

What Do Hardware Keyloggers Look Like?

I've linked to some images of hardware keyloggers below. The most common hardware-based keyloggers are a physical device that fits between the end of the plug of the keyboard and the box of the computer:

A hardware keylogger that fits between keyboard and computer
A hardware keylogger for USB keyboards
A before and after shot of a computer with hardware keylogger installed. Notice the extra length of cable in the "after" image.
Another hardware keylogger

Hardware Keylogger Lookalikes

Be aware that not every device that fits between a keyboard and a computer is a keylogger. There are similar-looking devices that are made to convert one type of plug to another (for example USB to PS/2). These adapter plugs are harmless.

How to Protect Yourself Against Hardware Keyloggers

It's always good to take a moment to look at the connection between the keyboard and the computer before you use a public computer. That is not the only kind of hardware keylogger though. There are also hardware keyloggers that can be put inside keyboards, or in other hard-to-detect places. By using a Linux live CD in combination with an on-screen keyboard, you should be able to bypass hardware keyloggers.

Keylogger Exploit

LFT — Thu, 27 Jul 2006 17:17:59 -0400

A recent story on the Register describes a computer attack that shows how easily a Windows computer can become infected with a keylogger:

"Surfers who follow this link are taken to a spoof copy of the BBC story hosted on a maliciously constructed site that exploits the unpatched createTextRange vulnerability in an attempt to install key logging software on victim PCs.

This key logger monitors activity on various financial websites and uploads captured information back to the attacker, security firm Websense warns."