Many types of malicious software are vying for a place on your computer. While all categories of nasty programs fall under the general name "malware," there are specific kinds that try to accomplish certain goals. One of these that you've probably heard of is spyware, which monitors your computer usage without your knowledge to sell ads or steal your information.
One of the most dangerous types of spyware is a keylogger. Let's take a look at what keyloggers do, how they're harmful, and a recent example that affected lots of users.
What Are Keyloggers?
Keylogging is the act of capturing a user's computer input without their knowledge. Essentially every key the user presses is recorded for the attacker to review and use. Whenever they want, the attacker can grab a text file with a log of all the user's actions, like in the screenshot below.
As you can imagine, this is devastating for security. A keylogger renders even the most complex password useless, because it's shown in plain text for the attacker to see. The websites you visit, passwords you type, and private chat information you share with trusted co-workers could all be siphoned without you even knowing.
We mentioned that most keyloggers run via software. Typically, they sneak onto a computer the same way as other malicious software -- through an unsafe software download. Some of these software keyloggers have even more functions than capturing keys. They might capture items that the user copies and pastes using the clipboard, or even grab screenshots periodically.
While not as popular, hardware keyloggers also exist. These physical devices must be plugged into a machine, then capture all the keyboard data in a similar manner. Instead of plugging a keyboard right into the computer, it plugs into the keylogging device, then into the computer.
Keyloggers in the News: Issues With HP
Recently, security researchers discovered that several models of HP computers were logging user input with keyloggers. This wasn't a deliberate move by HP; rather, an audio driver from the company Conexant mistakenly included the keylogging software. HP's vice president clarified that this keylogger was added for testing purposes and wasn't supposed to make it into the final consumer version.
Of course, having your computer capture every keystroke you press and keep them in an insecure text file isn't good. Anyone who knows where to look -- or malware that's designed to harvest this information -- can access everything you've typed. According to these researchers, computers that sold as far back as December 2015 could be affected.
— Johan Arwidmark (@jarwidmark) May 11, 2017
Thankfully, HP has moved to remedy this issue. They've rolled out updates to remove the keylogging functionality and delete the files that contain typed data. This fix is available via Windows Update as well as HP's website. Anyone with an HP machine should run Windows Updates immediately, or use the HP Support Assistant software to update these audio drivers.
Aside from special cases like this HP issue, the best way to avoid keyloggers is the same way to avoid other types of malware. A proper antivirus will detect and remove keyloggers before them become a threat. Avoiding suspicious downloads and websites will prevent keylogging software from getting on a computer in most instances. Many companies make special software for defeating keyloggers, but these cost extra money and aren't necessary for most users.
For hardware keyloggers, the best defense is physical security. If your servers and computers are kept behind locks, unauthorized personnel won't have the opportunity to plug in a keylogging device. Regular inspection of machines to ensure that one of these devices isn't plugged in is important, too.
Keyloggers are scary, but with some common sense and proper defense, you shouldn't have to worry about them. Talk with your IT department before installing any software you're unsure of, and ask them to make sure your computer is regularly installing Windows and antivirus updates. These are the best defenses against keyloggers.