A keylogger is a software or hardware device used by cybercriminals to record keystrokes made on a keyboard (computer, telephone, etc.). It is often used to steal passwords, credit card numbers, bank details and other sensitive data.
A keylogger is usually a type of spyware that can :
- Save all the keys typed on the keyboard
- Capture logins, passwords, bank codes, etc.
- Discreetly transmit this data to a remote server
Keyloggers can also, but more rarely, be hardware (in the form of a box between the keyboard and the computer). Keyloggers are often distributed via a Trojan horse on the target system.
A Trojan horse may include a keylogger as one of its malicious features. In this case, the keylogger is an integral part of the Trojan. Conversely, some advanced keyloggers may have features similar to those of Trojan horses, such as the ability to give the attacker remote access.
Famous keyloggers
Emotet Emotet: Considered to be one of the most sophisticated Trojans, Emotet incorporated keylogging functions. Launched in 2014, it infected around 1.6 million machines before being dismantled by Europol in 2021.
DarkHotel The spy group used keyloggers to target the Wi-Fi networks of high-end hotels in Asia and the United States from 2010 onwards. They encouraged users to download a keylogger hidden in apparently legitimate software.