Keyloggers

The term ‘keylogger’ itself is neutral, and the word describes the program’s function. Most sources define a keylogger as a software program designed to secretly monitor and log all keystrokes. This definition is not altogether correct, since a keylogger doesn’t have to be software – it can also be a device. Keylogging devices are much rarer than keylogging software, but it is important to keep their existence in mind when thinking about information security. Legitimate programs may have a keylogging function which can be used to call certain program functions using “hotkeys,” or to toggle between keyboard layouts (e.g. Keyboard Ninja). There is a lot of legitimate software which is designed to allow administrators to track what employees do throughout the day, or to allow users to track the activity of third parties on their computers. However, the ethical boundary between justified monitoring and espionage is a fine line. Legitimate software is often used deliberately to steal confidential user information such as passwords. Most modern keyloggers are considered to be legitimate software or hardware and are sold on the open market. Developers and vendors offer a long list of cases in which it would be legal and appropriate to use keyloggers, including:

• Parental control: parents can track what their children do on the Internet, and can opt to be notified if there are any attempts to access websites containing adult or otherwise inappropriate content.
• Jealous spouses or partners can use a keylogger to track the actions of their better half on the Internet if they suspect them of “virtual cheating”.
• Company security: tracking the use of computers for non-work-related purposes, or the use of workstations after hours.
• Company security: using keyloggers to track the input of key words and phrases associated with commercial information which could damage the company (materially or otherwise) if disclosed.
• Other security (e.g. law enforcement): using keylogger records to analyze and track incidents linked to the use of personal computers

However, the justifications listed above are more subjective than objective; the situations can all be resolved using other methods. Additionally, any legitimate keylogging program can still be used with malicious or criminal intent. Today, keyloggers are mainly used to steal user data relating to various online payment systems, and virus writers are constantly writing new keylogger Trojans for this very purpose. Furthermore, many keyloggers hide themselves in the system (i.e. they have rootkit functionality), which makes them fully-fledged Trojan programs.

Unlike other types of malicious program, keyloggers present no threat to the system itself. Nevertheless, they can pose a serious threat to users, as they can be used to intercept passwords and other confidential information entered via the keyboard. As a result, cyber criminals can get PIN codes and account numbers for e-payment systems, passwords to online gaming accounts, email addresses, user names, email passwords etc. Once a cyber criminal has got hold of confidential user data, s/he can easily transfer money from the user’s account or access the user’s online gaming account. Unfortunately access to confidential data can sometimes have consequences which are far more serious than an individual’s loss of a few dollars. Keyloggers can be used as tools in both industrial and political espionage, accessing data which may include proprietary commercial information and classified government material which could compromise the security of commercial and state-owned organizations (for example, by stealing private encryption keys).

The fact that cyber criminals choose to use keyloggers time and again is confirmed by IT security companies. One of VeriSign's recent reports notes that in recent years, the company has seen a rapid growth in the number of malicious programs that have keylogging functionality.

How keyloggers spread ?


Keyloggers spread in much the same way that other malicious programs spread. Excluding cases where keyloggers are purchased and installed by a jealous spouse or partner, and the use of keyloggers by security services, keyloggers are mostly spread using the following methods): a keylogger can be installed when a user opens a file attached to an email; a keylogger can be installed when a file is launched from an open-access directory on a P2P network; a keylogger can be installed via a web page script which exploits a browser vulnerability. The program will automatically be launched when a user visits a infected site; a keylogger can be installed by another malicious program already present on the victim machine, if the program is capable of downloading and installing other malware to the system.


The best ways to avoid them is 

• Get the best antivirus software here(not a pirated copy but a legitimate and a legal one! and not a free version too!!!!) Go here
• Don't forget to regularly scan and update it too !
• Use a SECURE BROWSER ! Try mozilla or opera (if your INTERNET is damn slow) BUT NO IE !!!!!!!!!!!!!!!!!! Still 20% of the visitors to my blog use Internet Explorer.
• Use GENUINE SOFTWARES ONLY ! eg Genuine Windows,Genuine Ms. Office,etc

A word to IE users...IE isn't unsafe at all it's DANGEROUS !!Read why it is so....right here read what people say 

• Install WOT extension to your browser and change your Domain Name Service

The Next two tricks will make you super secure!

• Well if your password is !=!@^${-} Start typing random letters...Select them and overwrite them with your password...So the keylogger will record..things which don't exist in your password ! Because most keyloggers don't track mouse activities like selecting,deselecting,overwriting,replacing...For example it may record !5!%=*!%@!*^*$Thbigi[gkgk{gjh-}  (I have underlined the characters in my password :P A keylogger would never do that!).
• You can also write your passwords right to left ! So  }-{ $^@!=! will be stored(poor keylogger...fooled!).You can also remix it with the previous trick...So HACKERS!Bad Luck! And yes this trick is MUCH BETTER than the on screen keyboards(See an example)Because some keyloggers are programmed to take screen shots every time you click !

By following these tips you'll stay away from all possible attacks and troubles.....and then NO ONE CAN EVER KEYLOG your activities without your knowledge.

Keylogger is not good or bad but how people use it .It is just a poor program which is misused.
Just like any other tech products, keylogger software is a two-edged sword, it's beyond bad or dangerous, the only point is that how people use it. Personally, I think it's a effective way of parental control.