What are keyloggers?


You've likely heard of various types of malware that threaten your privacy, but one of the most prevalent forms of spyware out there is the keylogger. A keylogger silently operates on your computer, recording every keystroke you make and transmitting sensitive information such as passwords to a hacker.

It's important to be aware of keylogging because even if you use cybersecurity tools like the best VPN to try and protect your data, a keylogger can still compromise your privacy and security in a way that’s very difficult to recover from.

This article is a guide to all things keylogger, from what exactly they are, to how they work and how they target your devices specifically. This knowledge is key to defending against keyloggers, so read on for more information on how to keep safe from this data-stealing malware.


What is keylogging?

Keylogging is when the keystrokes you make on your keyboard are recorded by a third party, such as a hacker. Every time you press a key, the keyboard sends a signal to your computer, which its operating system records and acts upon.

This matters when we talk about software and hardware keyloggers: anything you type has to be processed inside your computer, and can therefore be stolen by a keylogger.

There are two different but related concepts at play here. The first is keystroke logging, which is the actual act of recording anything you type on your computer. Keystroke logging can be carried out in a few different ways, which brings us on to the second concept, keylogging tools. These are the actual methods that someone uses to record your keystrokes.

Since keystrokes are mainly how you interact with your computer, keyloggers give hackers information about basically everything you do on your computer. In turn, this ends up compromising your passwords, your bank account details, your private conversations, literally everything that you type.

While keyloggers are often used as spyware for malicious purposes, they can also have legitimate applications. There’s a lot of parental control software out there that gives you the ability to record keystrokes, capture screens, and enable a device’s microphone or camera in order to check what your child is getting up to on their computer.

Some workplaces also use these tools (also known as bossware) to look at what their employees are doing on the clock. However, it's important to note that this is illegal to do without letting employees know that they’re being surveilled.


How does keylogging work?

There are two different types of keyloggers you’ll encounter. Both are kinds of spyware that can be used to steal your data, but the way they work is different. First, let’s go over software-based keyloggers.

Software-based keyloggers can be installed remotely without directly accessing the device they're downloaded on. Once installed, they use sophisticated malware techniques to run without the victim's knowledge or permission. This then allows the hacker to silently collect your keystrokes in the background and have them sent back over email or via an encrypted channel.

Hardware-based keyloggers, on the other hand, require physical access to your computer. These devices are typically inserted between the keyboard and the computer to intercept signals. The device acts as a “virtual” keyboard, recording keystrokes while also relaying them to the computer so you don't notice that there's anything amiss. From a computer’s perspective, there’s no difference between your real keyboard and the virtual keyboard that the hardware keylogger gives it.

This means it’s much harder for a computer system to automatically detect a hardware keylogger. Thankfully, you’re most likely not going to encounter a hardware keylogger in your home. If anywhere, they’re going to be installed in a public place or potentially installed on a work computer.

If you’re worried about hardware keyloggers specifically, I recommend using an OS-based virtual keyboard. This is because the keystrokes from this type of keyboard are generated inside the operating system rather than on the physical keyboard, so the hardware keylogger is skipped altogether. However, this isn't a foolproof defense against all keyloggers. Software-based keyloggers will still pick up the keystrokes you create, and they usually come with screenshotting software which records your screen too.

The only foolproof way to defend against a hardware keylogger is to actually physically inspect your device for any extra connections you don’t recognize.
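A software check can complement the physical inspection for hardware keyloggers that show up as their own keyboard. The following is an added example, not part of the original article: it parses the Linux `/proc/bus/input/devices` listing (a constructed sample is embedded) and reports USB keyboards that are missing from a baseline recorded while the machine was known to be clean. The baseline, names and IDs are assumptions, and a device that passes the real keyboard's identity through unchanged will not be flagged.

```python
"""Flag USB keyboards that are not in a recorded baseline (Linux)."""
import re

# Constructed sample in the format of /proc/bus/input/devices (IDs are made up).
SAMPLE = '''\
I: Bus=0019 Vendor=0000 Product=0001 Version=0000
N: Name="Power Button"
P: Phys=PNP0C0C/button/input0
H: Handlers=kbd event0

I: Bus=0003 Vendor=1111 Product=aaaa Version=0110
N: Name="Example Desk Keyboard"
P: Phys=usb-0000:00:14.0-2/input0
H: Handlers=sysrq kbd event3 leds

I: Bus=0003 Vendor=2222 Product=bbbb Version=0110
N: Name="Generic USB Keyboard"
P: Phys=usb-0000:00:14.0-4.1/input0
H: Handlers=sysrq kbd event7 leds
'''

USB_BUS = "0003"  # BUS_USB in linux/input.h

def parse_devices(text):
    """Yield one dict per device block (blocks are separated by blank lines)."""
    for block in re.split(r"\n\s*\n", text.strip()):
        dev = {}
        for line in block.splitlines():
            tag, _, rest = line.partition(": ")
            if tag == "I":      # Bus=... Vendor=... Product=... Version=...
                dev.update(kv.split("=", 1) for kv in rest.split())
            elif tag in ("N", "P", "H"):   # Name, Phys (port path), Handlers
                key, _, val = rest.partition("=")
                dev[key] = val.strip().strip('"')
        yield dev

def usb_keyboards(text):
    """USB devices that the kernel has attached a keyboard handler to."""
    return [d for d in parse_devices(text)
            if d.get("Bus") == USB_BUS and "kbd" in d.get("Handlers", "").split()]

def unexpected_keyboards(text, baseline):
    """baseline: set of (Vendor, Product, Phys) tuples from a known-clean state."""
    return [d for d in usb_keyboards(text)
            if (d.get("Vendor"), d.get("Product"), d.get("Phys")) not in baseline]

if __name__ == "__main__":
    baseline = {("1111", "aaaa", "usb-0000:00:14.0-2/input0")}  # assumed baseline
    for d in unexpected_keyboards(SAMPLE, baseline):
        print(f'unexpected keyboard: {d["Name"]} at {d["Phys"]}')
```

On a real machine, pass the contents of `/proc/bus/input/devices` instead of `SAMPLE`; including the `Phys` port path in the baseline means a known keyboard that suddenly appears behind a different port or an extra hop is reported too.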


How can I avoid keylogging software?

You should take the same approach to avoiding keylogging software as all other malware.

Rule number one: don’t click on unknown or suspicious links, especially in unsolicited emails or messages. Hackers will often use the contact books of their victims to send malware to their friends and family on the basis that they’re more likely to trust the email.

You also shouldn’t download software unless you’re sure it’s from a trusted vendor. Even if you’re only downloading software through an app store like Google Play, there’s still plenty of malware lurking out there that masquerades as perfectly innocent software. There are too many red flags to point out here, but free software that requests excessive permissions unrelated to the app is usually the number one sign something is wrong.

It’s pretty tiresome being suspicious of every single thing being sent to your inbox, though. Inevitably, there’s going to be a day where you end up accidentally clicking something you didn’t mean to or opening an attachment without thinking about it too much. You need an anti-virus solution that’s going to have your back when this happens, which is why I’d recommend you check out NordVPN’s Threat Protection Pro.

Created by the same company behind the best VPN on the market, Nord, Threat Protection Pro builds on the anti-malware blocklist built into its basic Threat Protection feature. It adds in deeper ad-blocking, malware scanning, and a URL scanner that proactively protects against phishing attempts to keep you safe from any hacking attempts.

This is all built on top of NordVPN’s existing VPN infrastructure which protects your IP and encrypts your browsing traffic, hiding your data from your ISP and hackers alike. In addition to protecting you against keylogging, Threat Protection Pro protects you from a range of online threats in a single software package.

Sam Dawson
VPN and cybersecurity expert

Sam Dawson is a cybersecurity expert who has over four years of experience reviewing security-related software products. He focuses his writing on VPNs and security, previously writing for ProPrivacy before freelancing for Future PLC's brands, including TechRadar. Between running a penetration testing company and finishing a PhD focusing on speculative execution attacks at the University of Kent, he still somehow finds the time to keep an eye on how technology is impacting current affairs.
