Monday, July 02, 2007

Beware of Hardware Keyloggers

You may be vigilant about rogue software, but what do you do with these ?

I went to the library once and found one of these connected to a computer, needless to say i took it and destroyed it :P




Here is how they work, they take the power needed from the keyboard port as well as supply power to the Keyboard. When you do a keystroke, it intercepts it, records it in a flash type memory and then forwards the signal to the PC, it will be like it was never there. But unknowing to you it will be recording all your usernames and passwords. So here is my advice, before working on a public computer always check for these babies !

5 comments:

Tarun said...

Another way would probably be that when you are using a public computer and you want to type your Username & Password, do so by using the On-Screen keyboard function available in Windows.

It consumes much more time but you can at least be sure that your passwords aren't being recorded..

Siddharth said...

Hey ankit, what library was this in man? Was this the NSIT library or some other ... Nice info though, never knew these things existed.

Ankit said...

NSIT Library :P

Someone must have bought this from abroad , i dont think this is available in India.

Siddharth said...

Good lord! I have always been sceptical about logging in from those fishy terminals. And coming to think of it, so many people use orkut and gmail on them. This baby must have had loads of customers. Another question, do u have any idea where these recorded keystrokes would be stored in the PC? Could u find that file too?

Ankit said...

Actually the thing i had found had a flash memory in built which needed a special USB cable to access, since i didnt have it , i destroyed the thing. I dont think it used a file.

One should never log on using the library PCs, you never know who might be snooping on you :)