Keyloggers have been around since the early days of hacking (Kevin Mitnick one of the first hackers talks about using them in his autobiography). Key loggers are also one of the most essential spy tools around. Once infected by a key logger every key you press is essentially recorded and sent to somebody. no other fields really have something that is just as invasive as a keylogger. If we take surveillance for example the equivalent to a keylogger would be having eyes on somebody at all times even in their most private moments, so far there isn't a way to do that ... that we know of.
Whats most fascinating about keyloggers is that the concept and often their implementation is extremely simple making them to go to cyber tool for controlling parents, spouses and criminals.
Recently I had the opportunity to test out one of the most common hardware key loggers on the market so I thought I would document it all up for you.
What is a Hardware Keylogger?
A Hardware keylogger is a physical device which logs keystrokes Hardware key loggers are usually hard to detect compared to software keyloggers (most of them are picked up by antivirus) hardware key loggers on the other had are usually plugged into peripheral devices like keyboards or embedded on the inside of a PC. Since most hardware key loggers have their own storage and transfer mechanisms it makes them ideal of field use.
Installing the Keylogger
The Keylogger has a few basic configuration files one which will setup your wireless network connectivity and recipient email address. In order to configure the key logger you need to plug it in between your Keyboard and PC and hold down the keys K,B and S simultaneously.
Once done safely remove the drive and then install it again between the keyboard and PC of your target machine.
the WIFI.TXT configuration file contents:
WifFNetwork=MyNetwork wiFiPassword=MyPassword WiFiEncryption=WPA2 Recipientfirstname.lastname@example.org
The TIME.TXT Configuration file contents:
Year=2016 Month=4 Day=25 Hour=12 Minute=33 Second=15 Format=PM
There is also a toolkit to be able to control the computer from any machine on the network but I haven't covered that tool in this post.
If anybody is interested in reading about the detailed configuration options you can find the manual here.
To start recording simply plug the device in between the PC and the keyboard of your target machine and let the keylogging begin. In this example I used a wireless keyboard i noticed that after a brief testing session that the device actually go quite warm. At this stage I'm not sure if this causes any long term issues with the device.
Here is some sample output from the log file in LOG.TXT
[2016/4/24 11:57:32PM][Pwr] [2016/4/24 11:57:42PM]k[Sh]B[Sh]B[Sh]A[Sh]D[Sh]B[Sh]E[Sh]C[Sh]E[Sh]H[Sh]E[Sh]D[Sh]C[Sh]A[Sh]Csb [2016/4/25 12:06:50AM][Pwr]blsbbs [2016/4/25 12:06:51AM][Pwr]hacker_123TestPassword@1234$ [2016/4/25 12:07:23AM][Pwr]pwned
As you can see with virtually no technical skill somebody would be able to purchase this device (in some cases this device is much cheaper than keylogging software) and in under 30 minutes be ready to start spying some somebody. Make sure you are vigilante and don't leave physical security out of your security plans and procedures.
Protecting yourself from Keyloggers
Here are a few simple steps for protecting yourself from having your activity intercepted by a hardware keylogger:
- Always check any computer you are using for any strange peripheral devices.
- Make sure you thoroughly check any PC's or devices you purchase online to make sure you haven't received any "Bonus extras".
- Regularly audit your PC for peripheral devices.
- Use air gapped machines for any business or sensitive admin tasks.
- If you have to use a machine with a level of security you don't trust enter sensitive information out of order use the mouse cursor to help.
As always please let me know if found this article useful or if you didn't, Don’t forget to like this post or leave a comment below to let me know another area you would be interested in reading about. I should have something on Software Keyloggers shortly. Thanks for your continued support! Until next time!