One of the simplest forms of spyware you can run into is a keylogger. Capable of stealing large amounts of data, a keylogger is simple yet dangerous.

In the world of cyber-security, keyloggers are a frequently mentioned hacking device. But what exactly are they? And what should you do if you fall victim to one? These are important questions as keyloggers can cause immense damage. The main interest of a keylogger is data. In particular, keyloggers have an intense hunger for personal data. Login credentials, banking details and social security information are all at risk. Therefore, it’s critical that you know what a keylogger is, how it works and how to protect yourself.

Luckily, we’ve put together a quick guide to give you the lowdown on keyloggers.

A Beginner’s Guide to Keyloggers

As we have established, keyloggers thrive upon harvesting data from their victims. The simplest way that a keylogger can do this is by monitoring and recording the keystrokes that are made on an infected PC. The software behind a keylogger is simple and can quickly be installed on a PC either manually, through an infected website or as part of a malware package. Once it’s installed, the keylogger will work silently in the background as it records data. The harvested data will then be routinely transmitted to a remote server.

A keylogger can quickly harvest data that puts both organizations and their customers at risk. Not only can personal details be stolen and used for criminal means, but financial accounts can also be compromised. Almost all modern malware will contain some form of keylogger; this is unlikely to change while users continue to use their keyboards to enter data into PCs. But you don’t need to fear keyloggers. As long as you know how to protect your PC then you should be able to benefit from peace of mind.

Beating Keyloggers

It’s impossible to provide 100% protection against keyloggers, but it’s possible to strengthen your defenses to their maximum. And you can do this by carrying out the following:

  • Two-Factor Authentication: One of the best methods for thwarting hackers is two-factor authentication. Organizations can easily generate unique authorization codes that are forwarded to an individual’s phone/personal device. These one-off codes let employees gain access to their network but, because each code works only once, a harvested code is useless.
  • Monitor Network Activity: A keylogger will need to contact its remote server to transmit its stolen data. But, to do this, it will need to leave your network. And this network activity can easily be monitored at your end. Any unusual traffic or external destinations should be investigated immediately and blocked if any malicious activity is suspected.
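
The network check described above can be sketched as follows. This is an added example, not part of the original guide: it flags hosts that contact an unapproved external address at regular intervals, the pattern left by routine transmission to a remote server. The log layout, host names, addresses, internal ranges and allowlist are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample of outbound connection records (not real traffic).
# Fields: timestamp, source host, destination IP, destination port.
SAMPLE_LOG = """\
2024-03-04T09:00:02 ws-017 203.0.113.45 443
2024-03-04T09:01:10 ws-017 192.0.2.80 443
2024-03-04T09:02:45 ws-017 192.0.2.80 443
2024-03-04T09:05:01 ws-017 203.0.113.45 443
2024-03-04T09:05:00 ws-022 198.51.100.10 443
2024-03-04T09:10:03 ws-017 203.0.113.45 443
2024-03-04T09:10:00 ws-022 198.51.100.10 443
2024-03-04T09:15:02 ws-017 203.0.113.45 443
2024-03-04T09:15:00 ws-022 198.51.100.10 443
2024-03-04T09:20:02 ws-017 203.0.113.45 443
2024-03-04T09:20:00 ws-022 198.51.100.10 443
2024-03-04T09:30:00 ws-017 192.0.2.80 443
2024-03-04T10:12:20 ws-017 192.0.2.80 443
"""

# Assumed internal ranges and approved external destinations for this sketch.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
ALLOWED_DESTS = frozenset({"198.51.100.10"})

def find_beacons(log_text, allowed=ALLOWED_DESTS, min_events=4, max_jitter=0.1):
    """Return (host, destination, mean_interval_seconds) for regular external traffic."""
    by_pair = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed records
        ts, host, dest, _port = parts
        ip = ipaddress.ip_address(dest)
        if any(ip in net for net in INTERNAL_NETS) or dest in allowed:
            continue  # traffic that stays inside or goes to an approved destination
        by_pair[(host, dest)].append(datetime.fromisoformat(ts))
    findings = []
    for (host, dest), times in sorted(by_pair.items()):
        if len(times) < min_events:
            continue
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        # Low spread relative to the mean gap means machine-like timing.
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            findings.append((host, dest, round(avg)))
    return findings
```

A finding is a lead for investigation rather than proof of infection, since legitimate update and telemetry agents also connect on a schedule.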

For more ways to secure and optimize your business technology, contact your local IT professionals.



The world of malware is a complex one due to the sheer variety of forms it can take. And it’s these differences which make it difficult to deal with.

The term malware is generally used as an all-encompassing term to describe a piece of malicious software. But, over the years, many different strains of malware have emerged as hackers evolve their tools and techniques. These strategies are often put into action to help avoid detection, but sometimes these new strains are the result of changes in technology.

Regardless of the reasons for developing a new malware variant, the end result is the same: a threat to your PC.

It’s vital that these threats are countered to protect your networks and your data; the best way to secure this safety is by understanding the different types of malware.

Identifying the Most Common Malware Variants
It’s difficult to put a precise number on all the malware strains that are out in the digital wild, but these are five of the most common forms:

1. Ransomware: One of the most debilitating forms of malware, in terms of finance and productivity, ransomware has generated many headlines over the last few years. It’s a type of malware which infects PCs and encrypts crucial files. The only way to decrypt these locked files is by paying a ransom, usually demanded in an untraceable cryptocurrency, in order to obtain a key for their release.

2. Malvertising: We all find online adverts irritating, but usually all we have to do is either close or mute the advert. With malvertising, however, things are more sinister. A new take on malware, malvertising laces legitimate online adverts with malicious files. And what’s most troubling about this malware strain is that it doesn’t require any user action, e.g. clicking on the advert. If the advert runs then the malware is active.

3. Botnets: Hackers like to strengthen their attacks and one of the simplest ways for them to achieve this is by infecting large numbers of PCs. By collecting together whole networks of PCs, a hacker can use these numbers, and associated processing power, to launch large attacks on other networks and websites. These botnets are created through malware attacks and are causing particular problems within IoT networks.

4. Spyware: Data is crucial to organizations and, due to its value, is also highly prized by hackers. Not only can data be used to access secure systems, but financial data is extremely valuable. Therefore, hackers are keen to steal this data; spyware represents one of the easiest methods of achieving this. Once a PC is infected with spyware, its every action is monitored, logged and transmitted, e.g. keystrokes are recorded to reveal sensitive login details.

5. Fileless Malware: One of the more recent developments in malware, fileless variants are exactly what they sound like: no files necessary. Fileless malware sidesteps the traditional route of operating within the hard drive and, instead, works within a PC’s memory. This is a clever approach as anti-malware software concentrates on hard drive activity. From the relative safety of a PC’s memory, fileless malware leaves little evidence of its presence.




Several weeks ago, Lenovo was found to be preloading spyware onto their laptops; now it’s been discovered they’re loading spyware onto their Thinkpads.

Yes, Lenovo has certainly disgruntled a whole new sector of customers. And what with the Thinkpad range being marketed as a business laptop it’s particularly worrying for business customers.

After all, which business wants to get caught up in any type of security threat which could potentially distribute their customers’ details to third-party sources?

Let’s take a quick look at exactly what’s happening.

The Spyware Scandal


The Thinkpad range was purchased by Lenovo from IBM and these refurbished models are being packaged with a piece of software called ‘Lenovo Customer Feedback Program 64’ which is causing the latest controversy.

But what exactly does this spyware do?

Well, it’s there to send customer feedback back to Lenovo’s servers to help improve their products and service. There’s not anything particularly nefarious about that. However, it’s also been discovered that this piece of software contains the following files:

  1. TVT.CustomerFeedback.OmnitureSiteCatalyst.dll
  2. TVT.CustomerFeedback.InnovApps.dll
  3. TVT.CustomerFeedback.Agent.exe.config

It’s the first file which is interesting as it relates to Omniture who are an online marketing and web analytics company. What they do is monitor people’s behaviour online to help build a snapshot of how internet traffic is moving across the web.

Now, although Lenovo do disclose in their EULA (End User Licence Agreement) that software will be transmitting customer feedback to the Lenovo servers, it is buried away amongst a lot of text. Additionally, there is no mention that internet usage will be monitored and passed on to Omniture for what is surely financial profit.

Just imagine the security risks this could pose to your business if hackers are able to find a loophole in this spyware and piggyback onto your internet connection. It could spell serious trouble for the security of your data and your customers’ data.

Removing the Spyware


Thankfully, it’s not a mammoth task when it comes to removing the spyware, so just follow these steps:

  1. Download ‘Task Scheduler View’, a useful piece of software which displays all the tasks running in Windows
  2. Within Task Scheduler View you will want to disable anything which is related to Lenovo customer feedback and/or Omniture
  3. It’s also recommended to rename the folder “C:\Program Files (x86)\Lenovo” e.g. “C:\Program Files (x86)\Lenovo-test” to help prevent any other dubious files being activated or installed

This should ensure that your Thinkpad and your confidential data remain secure and are not at risk of being exploited.
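
The check in step 2 can also be scripted. The following is an added example, not part of the original article and not a Lenovo or NirSoft tool: it reads a scheduled-task export, picks out tasks whose name or command mentions the identifiers named above, and produces the command to disable each one that is still enabled. It assumes the export comes from the built-in `schtasks /query /fo csv /v` command; the sample rows, task paths and commands are constructed.

```python
import csv
import io
import re

# Identifiers the article names: the Lenovo customer feedback program,
# Omniture, and the TVT.CustomerFeedback.* file prefix.
SUSPECT = re.compile(r"lenovo.*customer\s*feedback|omniture|tvt\.customerfeedback", re.I)

# Constructed sample in the layout of `schtasks /query /fo csv /v`, reduced to
# the columns used here. Task paths and commands are made up for illustration.
SAMPLE_CSV = r'''"TaskName","Task To Run","Scheduled Task State"
"\Example\Lenovo Customer Feedback Task","C:\Example\TVT.CustomerFeedback.Agent.exe","Enabled"
"\Example\Nightly Backup","C:\Example\backup.exe /full","Enabled"
"TaskName","Task To Run","Scheduled Task State"
"\Example\Usage Upload","C:\Example\upload.exe --profile omniture","Disabled"
'''

def audit_tasks(csv_text):
    """Return (task_name, state, disable_command_or_None) for suspect tasks."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        name = row.get("TaskName") or ""
        if name == "TaskName":
            continue  # verbose exports can repeat the header row
        action = row.get("Task To Run") or ""
        if not SUSPECT.search(name + " " + action):
            continue
        state = row.get("Scheduled Task State") or "Unknown"
        command = None
        if state.lower() != "disabled":
            # Built-in Windows command that disables a task by its full path.
            command = f'schtasks /change /tn "{name}" /disable'
        findings.append((name, state, command))
    return findings

if __name__ == "__main__":
    for name, state, command in audit_tasks(SAMPLE_CSV):
        print(f"{state:9} {name}")
        if command:
            print(f"          review, then run: {command}")
```

The script only reports and never changes a task itself, so each generated command can be reviewed before it is run from an elevated prompt.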

When Will Lenovo Stop?

This is the third security scandal to hit Lenovo this year after the Superfish and BIOS-modifying controversies, so consumers are understandably losing their patience with Lenovo.

Although Lenovo claims on their website that “Lenovo takes customer privacy very seriously and the only purpose for collecting this data is to improve Lenovo software applications” it remains to be seen when they will follow through on this pledge.
