1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Beware!! Keylogger attacks on the rise...

Discussion in 'BlackHat Lounge' started by Blackhat_Boy, Jan 13, 2010.

Tags:
  1. Blackhat_Boy

    Blackhat_Boy Newbie

    Joined:
    Oct 2, 2009
    Messages:
    48
    Likes Received:
    235
    We all know what damage keyloggers can do. It can be a virtual suicide if someone gets to know our precious passwords. I have recently been a victim of keylogger attacks but due to the precautionary measures i had already taken I was unscathed.

    I am writing this since keyloggers attack are on the rise and I just wanted to warn you all.

    Here are some ways that may help you :

    -- You can use a virtual keyboard such as http://www.lakefolks.org/cnt/. It is a Click-N-Type keyboard designed for anyone with a disability, but it can be used against keyloggers, simply by clicking keys with the mouse whenever you have to write sensitive information such as passwords.

    -- Check the task list by press ctrl+alt+del in windows. Examine all the tasks running, if you unsure of a task look it up on a search engine.

    -- Use the system configuration utility to determine which task are loaded at start-up (type "msconfig" in the run box to start).

    -- Run your antivirus checker, it's possible this will pick up the Keylogger on your system.

    -- Scan your hard disk for the most recent files stored. Look at the contents of any files continually updating (these might be logs).

    -- Download a specific keylogger detector program, and see if it detects anything.

    -- Run Spybot S&D, this program checks for some known keyloggers.

    -- Here is a free anti-keylogging program. http://dewasoft.com/privacy/kldetector.htm

    -- You can also use a speech recognition software like Dragon Naturally Speaking to enter critical info on the web.


    Hope this helps,
    Blackhat_Boy..
     
    • Thanks Thanks x 15
    Last edited: Jan 13, 2010
  2. showboytridin

    showboytridin Regular Member

    Joined:
    Sep 5, 2009
    Messages:
    348
    Likes Received:
    716
    Location:
    127.0.0.1
    Nice tips.

    Copy and paste some characters can help too.
     
    • Thanks Thanks x 1
  3. small_town_boy

    small_town_boy Power Member

    Joined:
    Aug 14, 2008
    Messages:
    531
    Likes Received:
    168
    Yes, Spybot is what I use. Also, use different passwords for everything and change your main passwords 1 a month.
     
    • Thanks Thanks x 1
  4. Theodore

    Theodore Power Member

    Joined:
    Oct 13, 2009
    Messages:
    682
    Likes Received:
    266
    good advise! thanks also i would like to say that there is a virtual keyboard on windows just type `on screen keyboard` in the start bar. :)
     
  5. Blackhat_Boy

    Blackhat_Boy Newbie

    Joined:
    Oct 2, 2009
    Messages:
    48
    Likes Received:
    235
    Roboform can also help in this case..
     
  6. lucius

    lucius Power Member

    Joined:
    Jul 29, 2009
    Messages:
    546
    Likes Received:
    158
    Hi,

    Great tips, yea I always copy paste the passwords to sensitive accounts! btw, theres already a built in virtual keyboard within windows
    hit start --> programs --> accessories ---> accesibility --> on screen keyboard

    hope it helps
     
  7. Ewooo

    Ewooo Newbie

    Joined:
    Jul 14, 2009
    Messages:
    7
    Likes Received:
    6

    I heard that it's very easy to crack Roboform with all the passwords inside.
     
  8. jazzc

    jazzc Moderator Staff Member Moderator Jr. VIP

    Joined:
    Jan 27, 2009
    Messages:
    2,638
    Likes Received:
    11,332
    Occupation:
    Pusillanimous Knitter
    Location:
    Buenos Aires
    If you are dealing with a lot of money, do not be fooled. The only thing is to boot on a CLEAN NO PROGRAMS INSTALLED NO NOTHING BOUGHT WINDOWS (or a free Linux :D) machine.

    Only that. Rootkits, keylogers, screenstealer, audio/video capturers everything CAN and probably already ARE in your PC.

    Antiviruses DO NOT work against pro attackers.

    Now you know. Be wise and keep your bank.
     
  9. sammyd

    sammyd Junior Member

    Joined:
    Dec 6, 2008
    Messages:
    170
    Likes Received:
    59
    Windows also has built in speech recognition software in the accessibility part of the control panel
     
  10. jazzc

    jazzc Moderator Staff Member Moderator Jr. VIP

    Joined:
    Jan 27, 2009
    Messages:
    2,638
    Likes Received:
    11,332
    Occupation:
    Pusillanimous Knitter
    Location:
    Buenos Aires
    This is totall bull. DO NOT DISINFORM PEOPLE IF YOU KNOW SHIT ABOUT SOMETHING.:soapbox:
     
  11. Blackhat_Boy

    Blackhat_Boy Newbie

    Joined:
    Oct 2, 2009
    Messages:
    48
    Likes Received:
    235
    This is not necessarily true..
     
  12. xgnux

    xgnux Regular Member

    Joined:
    Sep 26, 2008
    Messages:
    492
    Likes Received:
    151
    Occupation:
    STudent
    Location:
    Germany
    lol sorry this is the biggest bullshit i ever read. I come from botnet scene and i can tell you any kid names trojans and keyloggers like windows services. For example svchost.exe lsass.exe and so on. Or they use Rootkits and you doesnt see anything at all.

    Here is what you need to do

    1. Update your system all the time.
    2. Dont run warez on your work computer! MOST IMPORTANT!!!!!!!!!
    3. did i mention dont run warez tools on your work computer?
    4. Download VMware, install it, then install windows xp sp2 in yourvmware, make a copy. Run every tool you want to use and downloaded somewhere in your vmware. That way you dont risk beeing hacked and stolen all your domains and shit.
    5. Dont trust any downloadsite, dont trust anyone ;)
    6. Get a decent Antivirus. (kaspersky, norman)
    7. Update your browser
    8. Get a firewall (not needed but even more safer)

    If you follow this simple steps you will be 99% safe. Only thing that can happen to you is some 0day browser exploit.

    95% of people get hacked because they are idiots !
     
  13. bertbaby

    bertbaby Elite Member

    Joined:
    Apr 15, 2009
    Messages:
    2,020
    Likes Received:
    1,503
    Occupation:
    Product marketing
    Location:
    USA
    Home Page:
    Use Ubuntu. It's fast and free to login into secure accounts. You can even re-purpose an older obsolete computer for the purpose. And the number of trojans and viruses are near nil!
     
  14. Gradimir Stankovic

    Gradimir Stankovic Power Member

    Joined:
    Jan 10, 2010
    Messages:
    737
    Likes Received:
    845
    Location:
    404 not found
    Here is one more good tip:
    Always download programs from verified sites like cnet,filehippo or brothersoft.
     
  15. Ewooo

    Ewooo Newbie

    Joined:
    Jul 14, 2009
    Messages:
    7
    Likes Received:
    6
    Well best and most reliable way to protect STAY OFF THE INTERNET, DON'T DOWNLOAD ANYTHING, TURN OFF THE LIGHTS AND GO TO BED and be virus free!

    But seriously each AV engine has it's own strengths and weaknesses as with any software and there's no best AV software.

    Best defense is your own common sense.
     
  16. buck

    buck Regular Member

    Joined:
    Apr 8, 2007
    Messages:
    218
    Likes Received:
    67
    1. http://www.qfxsoftware.com/ free keystroke encrypter...(NOTE TO THOSE WHO DOWNLOAD WAREZ APPS if you dig this out on warez forums DON'T RUN THE INSTALL)
    ^^^
    Almost all warez versions of this cracked app are infected...either use the free one or get the premium trial from their site and use the cracked .dll file from the cracked version.

    2. Also you can use Sandboxie for untrusted programs (such as files that only need to be opened once like keygens and such)
    www.sandboxie.com
    It's pretty easy to find serials for Sandboxie to upgrade the Pro version, but the free version is pretty solid as well.

    3. http://www.usec.at/rootkit.html Radix Rootkit Application is a descent program to check for hidden processes running. You can also add this to your PC as an on-demand type check to make sure ain't nothing fishy going on.

    4. Common Sense
     
    • Thanks Thanks x 1
  17. snap2

    snap2 Junior Member

    Joined:
    Jan 13, 2010
    Messages:
    142
    Likes Received:
    19
    Thanks for the tools, would agree that the best defense is common sense with what you download however easier said than done all the same.
     
  18. Blackhat_Boy

    Blackhat_Boy Newbie

    Joined:
    Oct 2, 2009
    Messages:
    48
    Likes Received:
    235
  19. Bradm

    Bradm Registered Member

    Joined:
    Oct 25, 2009
    Messages:
    51
    Likes Received:
    50
    Occupation:
    Accountant
    Location:
    Calgary Alberta, Canada
    Home Page:

    Not the truth either, some people go to bed in the dark and get viruses too!
     
  20. gbmack

    gbmack Power Member

    Joined:
    Apr 19, 2009
    Messages:
    705
    Likes Received:
    688
    Buck is the only dude who knows what he is talking about lol.


    I whitelist my websites, and if I am ever going somewhere "shady," I use sandboxie in combination with noscript. Literally nothing gets through that combination. If I do get a keylogger maybe through a CD, I still have keyscrambler....

    keyscrambler + sandboxie = win!