A Software Keylogger Attack By Daniel Shapiro
What is Phishing & Pharming
Social Engineering
• Users follow “spoofed” emails to counterfeit sites
• Users “give up” personal financial information
Technical Subterfuge
• Software is planted on your system
• Used to steal information directly from the computer
Pharming
• Software that misdirects users to fraudulent sites
RCMP 2005 (http://www.charlottetown.cips.ca/LS2.ppt)
“Next Generation” Keyloggers
• Today’s keyloggers incorporate “stealth” operations
• Capture more than keystrokes
  • Screen shots
  • Recording of Web addresses
• Free Examples: BFK, pykeylogger
RCMP 2005 (http://www.charlottetown.cips.ca/LS2.ppt)
Phishing Using Keyloggers [2]
• Definition: “A keylogger is something that records keystrokes made on a computer. It captures every key pressed on the keyboard and stores it down in a file or memory bank that can be viewed by the person performing the monitoring in real-time, or at a later date.” [1]
• There are two types of keylogger: hardware keylogger and software keylogger
[1] http://www.keyghost.com/keylogger/
[2] DatTien Nguyen and Xin Xiao
Hardware Keylogger [2]
Three types [1]:
• Inline devices that are attached to the keyboard cable
• Devices which can be installed inside standard keyboards
• Actual replacement keyboards that contain the key logger already built-in
It can only be discovered by people and removed physically
[1] www.wikipedia.org
[2] DatTien Nguyen and Xin Xiao
Software Keylogger [1] [1] DatTien Nguyen and Xin Xiao
Software Keylogger [2]
* Can capture both keys pressed and screen
* 2 sub-categories [1]:
  • Visible in the task manager
  • Invisible and stealth keyloggers
* It is true that secure I/O programs can completely protect your computer from software keyloggers
[1] www.keygosh.com
[2] DatTien Nguyen and Xin Xiao
Protecting yourself from Keyloggers
• First and foremost: The best security and related policy is always built on layers. The best way to protect a system and network from these intrusions always starts with the same methods one would use to prevent the spread of a virus, but additional measures must be taken for these new risks BEYOND those measures.
• Keyloggers and Trojans often aren’t detected by Antivirus systems, so make sure you have a good spyware detection and removal tool OR verify your Antivirus program handles these spyware threats as well. Make sure this software is updated and run regularly as new threats can burrow in at any time.
Dynamic Net, Inc.
Protecting yourself from Keyloggers
• Consider installing a personal firewall on each computer or at least enabling a firewall built into the operating system of the computer. Firewalls can’t save the world by themselves, but a good personal firewall monitoring incoming AND outgoing traffic from an individual computer will be a good way to find out if anyone is attempting to break in. It will also give you an idea as to whether or not anyone or anything is attempting to have your computer send data out.
Dynamic Net, Inc.
Logoff with running keylogger
[Diagram: KEYLOGGER]
My Ideas
• Run keylogger
• Log off of shared computer
• The actions of the next user to log on are compromised
OR
• Run keylogger on kiosk
• Sit back and collect infoweb accounts
• Begin spamming activities with harvested accounts
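A defender's check for the shared-computer scenario above, as an added example that is not part of the original slides: it flags processes still running under an account that no longer has an active logon session. The snapshot columns, process names and account names are constructed for illustration and are not the output format of any particular tool.

```python
import csv
import io

# Constructed process snapshot for a shared workstation (not real tool output).
# Assumed export columns: pid, name, owner, session_id.
SNAPSHOT = """pid,name,owner,session_id
4,System,SYSTEM,0
612,svchost.exe,SYSTEM,0
2210,explorer.exe,bob,2
2304,browser.exe,bob,2
1877,updater.exe,alice,1
1902,helper.exe,alice,1
"""

# Accounts that legitimately own processes without an interactive session.
SERVICE_ACCOUNTS = {"SYSTEM", "LOCAL SERVICE", "NETWORK SERVICE", "root"}


def load_snapshot(text):
    """Parse the CSV snapshot into a list of dicts with integer ids."""
    rows = []
    for row in csv.DictReader(io.StringIO(text)):
        row["pid"] = int(row["pid"])
        row["session_id"] = int(row["session_id"])
        rows.append(row)
    return rows


def leftover_processes(processes, active_sessions, service_accounts=SERVICE_ACCOUNTS):
    """Return processes whose owner has no matching active logon session.

    active_sessions maps session_id -> name of the user logged on there.
    A process is flagged when its owner is not a service account and its
    session has ended or has since been taken over by a different user.
    """
    flagged = []
    for proc in processes:
        if proc["owner"] in service_accounts:
            continue
        if active_sessions.get(proc["session_id"]) != proc["owner"]:
            flagged.append(proc)
    return flagged


if __name__ == "__main__":
    # Constructed state: alice has logged off, bob is the only active user.
    active = {2: "bob"}
    for proc in leftover_processes(load_snapshot(SNAPSHOT), active):
        print(f"review pid={proc['pid']} name={proc['name']} owner={proc['owner']}")
```

Running such a check at logon on a lab or kiosk machine gives the next user or the administrator a short list of processes to review before any credentials are typed.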
Other new attacks
• Open a portal online
• Harvest user passwords (e.g. Password = XXX)
• Inject Trojan+keylogger into website content/service (e.g. streaming video plugin .exe)
• Email user saying “I know your password! Your password is XXX! Change your passwords!”
• User logs into banking website and gives away password to keylogger
• Empty the bank account and/or sell credit card number
Other new attacks
• A low-tech approach to phishing has caught a NSW-based organisation after its employees were mailed CD-ROMs containing hidden keylogging software. [1]
• More than 40,000 Web sites have been hit by a mass-compromise attack dubbed Nine Ball that injects malware into pages and redirects victims to a site that will then try to download Trojans and keylogger code... [2]
[1] http://www.zdnet.com.au/news/security/soa/Phishing-attack-Your-keyloggers-are-in-the-mail/0,130061744,339274590,00.htm
[2] http://news.idg.no/cw/art.cfm?id=EDAD4BEC-1A64-6A71-CE6961E072D06093