Handling keyloggers - Page 2
Page 2 of 2 FirstFirst 12
Results 11 to 18 of 18

Thread: Handling keyloggers

  1. #11
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,242
    Yes there are?

    Oooohhh, noooooo...

    “Everybody is ignorant, only on different subjects.” — Will Rogers

  2. #12
    Member
    Join Date
    Jan 2006
    Posts
    46
    Is it possible to install a key-logger on a machine over the internet without the recipient knowing? Then retrieving that information at a later date?

    How would this be done and how would you find out if it is done to your machine?
    Thanks,
    jrumj

  3. #13
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,178
    JRUMJ

    Is it possible to install a key-logger on a machine over the internet without the recipient knowing? Then retrieving that information at a later date?

    Yes, most certainly...............members on this site might remember me testing this about 18 months ago "Lover Spy" it was called. The promoter of it is looking at prime bubba time

    How would this be done and how would you find out if it is done to your machine?
    1. It "phones home" either through a dialler or internet link.
    2. Through a router/firewall that blocks or monitors unauthorised connections and through an IDS that monitors for unusual activity.
    3. Scanners
    4. 9mm Parabellum & fear

    As to how it is done.............if you are stupid , you open/download something that you should not.

    Otherwise, if you are stupid, you do not understand physical security, or the need for a good lawyer and a pre-nuptual contract?
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  4. #14
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,242
    Is it possible to install a key-logger on a machine over the internet without the recipient knowing?

    That's exactly how it's done. I found one on a friend's computer that was activated using Internet Explorer to access about a dozen-and-a-half different bank sites including Citibank, Key Bank, wells Fargo, PNC and e-Gold. Found the tech sheet on it at Trendmicro.jp. It'd activate, record, then send off the data via IRC. Not sure how it got on there, but I'm sure the install was socially-engineered. This one sounds similar:

    http://www.theregister.com/2006/02/0...eylogs_losses/
    “Everybody is ignorant, only on different subjects.” — Will Rogers

  5. #15
    Member
    Join Date
    Jan 2006
    Posts
    46
    And simple spy ware would find this in your computer correct? Like ad-ware or spy-bot? I would think this would not be difficult to find if you were scanning for one.
    Thanks,
    jrumj

  6. #16
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,178
    JRUMJ old chap,

    Please go here:

    http://www.ewido.net/en/

    The software is on a 14 day trial, after this the interactive protection stops, but as a private user you can still update it and use it as an on demand scanner. It must find at least 150,000 scumware, a lot of which are missed by AVs and more specialist tools.

    Then go to http://www.emsisoft.com/en/software/free/ and get A-Squared.

    Install and update them then reboot into SAFE MODE and run them. I bet you get a surprise

    Also run your AV in safe mode and defrag as well.............that is cool because all this stuff that gets regularly updated like pattern and signature files will only defrag in safe mode. As they are interacive scanners a fragmented file affects performance
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  7. #17
    Dissident 4dm1n brokencrow's Avatar
    Join Date
    Feb 2004
    Location
    Shawnee country
    Posts
    1,242
    Spybot and Ad-Aware both missed that particular keylogger. RAV antivirus online scan didfind it though. RAV's since been bought out by M$, which is using their AV technology for Vista's built-in AV app.
    “Everybody is ignorant, only on different subjects.” — Will Rogers

  8. #18
    King Arana: Super Moderator
    Join Date
    Oct 2002
    Posts
    4,055
    Is it possible to install a key-logger on a machine over the internet without the recipient knowing? Then retrieving that information at a later date?
    You do understand how normally that would be taken as a possible social engineer attempt at us teaching you how to illegally put a keylogger on a system without the other users knowledge, right? Just curious... we don't promote malicious activity here, so just for future reference, k?
    Space For Rent.. =]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides