What are keyloggers, trojans and Backdoors?

Well, you have set up a system of PGP encryption of your data and your mail  and logically the pass-phrase you use to crack the toughest in the world, is not it ?

But be aware that if the authorities (or any other opposition force) really want access to the contents of your encrypted data, there are still few methods available to them. These include the use of keyloggers (= keystroke loggers) equipment or software, trojans and backdoors.

Here is a small article explaining the terms Keyloggers, Trojans and Backdoors to an average Microsoft Windows user

We start from the premise that the state is interested in your activities to the point of entering your home or computer network to install a keylogger (hardware or software) or backdoor into your computer. Feel free to adapt this scenario to your situation. We felt that this site would not be complete without addressing this issue and the steps to follow to protect your computer system against this type of invasion.

A physical check of the integrity of your hardware and your software is the most reliable available. This means that if your machine contains important data, you must do everything in your power to ensure the physical security of the computer. Laptops and other PDAs have here the advantage of their size which, unlike a desktop, if not to be constantly on you, at least you can easily make sure they are turned off and unattainable.

Keyloggers (Keyloggers = keyboard)

The keystroke loggers (keyloggers), which can be hardware or software, their function is to stealthily record everything you type on a computer keyboard, and transmit the data, sometimes by mail or website, the agency or individual who is spying on you. Most keyloggers also record the name of the current application, date and time at which it was executed and the keystrokes associated with that application. The use of keyloggers is increasingly common in the practice of law, and they also enjoy growing popularity among business leaders. Their ability to truly touch by touch record everything typed on a keyboard.

The hardware keyloggers are what they mean, that is; the devices those are connected to your keyboard that records the data. These devices are generally similar to a standard keyboard adapter, and may indeed be difficult to spot if you do not look for specifically. To retrieve the information stored in a hardware keylogger, instigated the surveillance must be accessed again physically. The hardware keyloggers record data locally and generally lack the ability to distribute or to transit in and out via a data network. If you want to see what looks like a hardware keylogger (you will know what to look), look for products KeyKatcher and Key Ghost are the two most popular models on the market. KeyGhost also makes keyboards with integrated keylogger, which makes detection more difficult. Note that because these are features of type material, and KeyKatcher KeyGhost can not be detected by anti-spyware, anti-virus or security of your workstation. In fact, you should check-visually-back of your computer, where the keyboard is connected (even inside the keyboard) to detect the presence of a hardware keylogger. Here is an example photo of hardware keylogger:

Software keyloggers are much more common because they can be installed remotely (via a network, through a Trojan or a virus), and thus do not need physical access to the machine to recover data collected (often sending is via email and this, periodically). Unlike their counterparts in hardware, software keyloggers often able to obtain much more data because they are not constrained by the physical size of their memory. Among the hundreds of existing software keyloggers, the best known is ” Invisible KeyLogger Stealth (IKS) in the company Amecisco, or products Spector KeyKey Monitor, 007 STARR, Boss Everywhere and I-See-Ua. Try them if you want to see how they work and the type of data they can provide when installed.

It is common knowledge that the FBI uses keyloggers software and hardware.

For an example of using keylogging software to find information on Magic Lantern, a software developed under the project Carnivore FBI. This is a trojan with a keylogger specially designed for the collection of information on encryption keys and transmit data to the FBI.

Detecting Keyloggers

The only way to detect hardware keyloggers is to familiarize yourself with these devices and make a full visual inspection of your machine regularly. It may be wise to take pictures of the inside and outside of your computer when you take possession to ensure that everything seems to be in place during your audits.

The fight against software keyloggers can pass by taking a virtual snapshot of the contents of your disk and all file changes made by programs. You must take a new snapshot each virtual software installation or upgrade each of your system to keep it updated. You should also keep this shot outside of your computer and in an undisclosed location so that nobody can change it locally (for physical access to the machine) or remotely. Among the products to achieve this kind of cliche, one finds Snapshot Spy Pro and ArkoSoft System Snapshot (for Windows platforms). fcheck is one of the more trusted to machines running GNU / Linux – we hope someone one can tell us whether this product also runs on OSX platform.

There are also some specialized programs in the detection of keyloggers software. Products Anti-keylogger and SpyCop had good value. These programs are not free but offers an Anti-keylogger trial way you will scan your machine in search of keyloggers. We were unable to fully test these products because we have not acquired the Licenses. Currently to our knowledge, no product specifically detects Magic Lantern.

Trojans & Backdoors

Another method that could use a spy agency is using a program with a Trojan backdoor. A Trojan is a program seemingly harmless but that contains a dangerous payload, like the Trojan Horse of Greek mythology. In the same way that a virus is often hidden, a Trojan can take on the appearance of a game or any type of executable file (is it necessary to remind you that we should not open the files. Exe and attachments from people you do not know?)

Once executed by the victim, the Trojans put up a backdoor (or so open a breach in system security through a few lines of code, which will then install the backdoor). A backdoor program allows the hacker to access your computer as long as you are connected to the internet. It is a kind of remote, usually very full, which gives access to all files and computer resources.

It is of course very important not to have a backdoor into their computer. The best protection is through the use of an antivirus program effective and current. For most, they stop the Trojans and backdoors, but if you are permanently connected to the internet you should install a good firewall hardware or software. The firewall is also recommended for dialup users who wish to strengthen their traditional security.

If your computer is behaving strangely and you think you have a backdoor (as if someone had a remote keyboard connected to your machine), manually disconnect your phone line or Internet connection and install a very good antivirus.

Software and recommended habits for protection of your Windows 7 PC:

• Always turn on Windows Firewall
• Keep Microsoft Windows update to Automatic, however check manually in regular basis.
• Do not click unknown link and do not download software from untrusted publisher. We recommend not to install so called “tools” developed by individuals, unless you know the developer face to face, physically.
• Use an real time protection enabled Antivirus: among free options, Microsoft provides Microsoft Security Edition, Avast provides a free home edition too. Among paid options, NOD32 of ESET and Norton Antivirus is very well known and trusted names.
• Better to use a separate Antimalware. You can try Malwarebytes Antimalware. It has both free and paid version.

Check respected Corrine’s dedicated blog for your computer’s security: SecurityGarden for more details about these softwares.