Keyboard Threat
Page 1 of 2 12 LastLast
Results 1 to 10 of 19

Thread: Keyboard Threat

  1. #1
    Senior Member kingkong's Avatar
    Join Date
    Oct 2007
    Location
    UAE
    Posts
    197

    Keyboard Threat

    Hi AO's

    i got this email from a friend who is not that attached to the computers and stuff related to new technology

    but i just wanted to highlight this for a suggestions and comments

    and attached are the photos of the device

    Attention Please

    PLEASE BE CAREFUL WHENEVER YOU'RE USING A PC AT A PUBLIC PLACE (Like INTERNET CAFES.. ETC ).
    CHECK THE BACK OF THE PC AND SEE IF THE BELOW DEVICE IS THERE..IF SO..DO NOT USE IT!!!!


    New storing device fits at the end of the keyboard cable connecting to the PC specialized to save all typed keys in it... Mostly could be used in net cafes, exhibitions, hotels and airports therefore be careful especially the people who use the internet in these places to enter their bank accounts online or any other important sites.
    After you enter the bank account and leave the PC it will be easy to open your account again as all what you have typed has been saved in the Black device.
    Therefore, you should check the PC for any suspicious piece behind it before using the net in public places for important sites.
    Please send it to all who you know to educate them against this fraud.
    Regards
    KK
    Attached Images Attached Images
    Question is not "Why are you Online"
    Question is "Why are you Off line"

  2. #2
    Senior Member Ouroboros's Avatar
    Join Date
    Nov 2001
    Location
    Superior, WI USA
    Posts
    628
    While most of us are aware of these keylogging devices, it's good to bring them up now and again to remind the newer users of computers about the seemingly innocuous or forgotten threats faced by the users of public computing stations. Good on you for that, KK.

    O
    "entia non sunt multiplicanda praeter necessitatem"

    "entities should not be multiplied beyond necessity."

    -Occam's Razor


  3. #3
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    If you find one, "take it into protective custody"...... they cost

    The downside is they are pretty obvious and easy to steal, and the owner can't really say much, as what they are doing is generally illegal.

    The upside is that they are undetectable by software scanners.

    In reality, you should never use a public place for anything sensitive. You don't have the time to scan the desktop for malware, and you do not have any control over the devices that the data subsequently passes through.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  4. #4
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    YEs im sure my mother is going to look at the back of the computer for a hardware device. sure...

    Anyway thanks for the heads up.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  5. #5
    Senior Member kingkong's Avatar
    Join Date
    Oct 2007
    Location
    UAE
    Posts
    197
    Yes i was aware about it too

    but the fact is i actually didnt knew is more subsequent details of it which i suppose is being highlighted now.

    any ways i dont think so people are aware of this minute little device instead even if they see it they would not even bother to touch thinking that it is some kind of a extension cable device


    1) But one more question if we use a cleaner "ccleaner" will that be able to delete those logs in the device?

    2) and is this device been approved by the cyber crime cell as a hacking device?
    Question is not "Why are you Online"
    Question is "Why are you Off line"

  6. #6
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391

    Question

    I've "captured" a few of these over the years, i always make a habit of scanning the back of a workstation when ever i am at a foreign desktop.
    I'll ever remove the contraption and hand it in. Or just casually slip it into my pocket and add it to my collection.

  7. #7
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    I have never seen one on a PC TBH but I do alot of CC transactions at an Internet Cafe for some reason

    Ill be on the lookout for it.

    Is it legal to inspect the box if it is concealed in a closed shelf or wood around it?
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  8. #8
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    KK,

    1. A system cleaner such as CCleaner won't do anything, firstly because they only clean known system files, and secondly, because the device is totally invisible to the system it is installed on. It is "stand alone" with its own software and memory. Think of it as being something like one of those USB memory sticks.

    2. It is as legal as a software keylogger. It all depends on the law in your particular region. In some countries you have to declare monitoring PC activity, just like you have to declare recording telephone conversations.

    any ways i dont think so people are aware of this minute little device instead even if they see it they would not even bother to touch thinking that it is some kind of a extension cable device
    I know what you mean. Right now I have two little devices on my bench that look pretty similar to the untrained eye. These are USB to PS/2 converters, and people might think that the keylogger was some sort of converter, or an antistatic device or a signal booster. Next to them I have a 2Gb USB memory stick........... if anything it is slightly smaller, so in theory you could store an enormous number of keystrokes on one of these devices.

    The givaway is that converters tend to be asymetrical, due to the different size/shape of the connections.

    @ t34b4g5,

    Have you ever tried microwaving one?............. I understand that they don't like it
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  9. #9
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    How does these things work?

    Send out the info via email or wait for someone to take it off the device?

    i.e unplugging the device and taking it home.

    This is when you hijack the person :P
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  10. #10
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    The ones I have seen would require removal from the target machine and attaching to a machine with the management software on it. The basic idea of these devices is that they do not interact with the PC, only with the keyboard, so they are undetectable by security software.

    OK, I hear you say, but they are pretty bloody obvious aren't they?............. well yes, they are, but only if you look and know what you are looking at. The average user probably never looks round the back of a computer at all, and in many office environments I have experienced, the actual computer is tucked away under a desk so it would take a fairly determined effort to get to it.

    I see three potentially vulnerable environments:

    1. A corporate or institutional network, particularly if it is multi-site. Here the admins can remotely scan for malware, block traffic, analyse traffic and so on. They cannot spot a physical keylogger though. Sure, it would have to be an inside job, but do you know who works for your office cleaning company or security service?............... do they know?

    2. Internet Cafe: pretty obvious, but the owner or manager should be vigilant and there should be some sort of enclosure to prevent access to the ports.

    Is it legal to inspect the box if it is concealed in a closed shelf or wood around it?
    Non-destructive inspection is generally "legal", but only if she is a consenting adult

    I don't like the idea of what you are suggesting............. sounds like a recipe for heating and ventilation problems. I prefer using "expanded metal" such as is used in security screens.

    3. The internet games room. I don't know if you have these, but with all Public Libraries providing free access as well as local government and other sites providing wireless hotspots, these are more common than the internet cafe over here. Scumbags are very avid in trying to steal your "gelt" or whatever, so they want your ID and password. Once again, the security should be the same as for a wireless cafe, but....................can you trust the owner/manager?

    This is when you hijack the person :P
    Well, not quite, it is at that moment in time that the green curved device with "this side towards the enemy" embossed on it, is activated


    I have never seen one on a PC TBH but I do alot of CC transactions at an Internet Cafe for some reason
    This implies that you are getting paid whilst AO is doing all the work?

    // off topic//

    Can you get hold of those Zimbabwe banknotes for millions of whatevers (dollars?).............. I have an idea for making some AOers some money for Christmas ............ and yourself of course!
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

Similar Threads

  1. Network Security made easy?
    By Tiger Shark in forum Microsoft Security Discussions
    Replies: 5
    Last Post: January 14th, 2005, 07:47 PM
  2. Apache update opens the door to a bigger threat
    By moxnix in forum *nix Security Discussions
    Replies: 2
    Last Post: October 23rd, 2004, 05:28 PM
  3. BIOS Power-On Self Test (POST)
    By Cybr1d in forum Hardware
    Replies: 5
    Last Post: July 30th, 2003, 11:00 PM
  4. HP multimedia keyboard spyware
    By sumdumguy in forum Miscellaneous Security Discussions
    Replies: 9
    Last Post: April 28th, 2002, 04:39 AM
  5. some interesting keyboard issues...
    By zigar in forum Miscellaneous Security Discussions
    Replies: 1
    Last Post: February 25th, 2002, 11:30 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides