Hardware Keylogger

Martin Brinkmann
Apr 22, 2006
Updated • May 4, 2013
Security
|
2

The little device that you see below has apparently been used to pull of one of the greatest bank heist in history. You attach this device to the keyboard cable at the back of the PC and it's able to record 130000 keystrokes in total. The bank robbers installed this device inside the bank and got access to Sumitomo Bank's wire transfer capabilities thanks to it. With all the information at their hand they proceeded to transfer more than 400 million U.S. Dollar to various foreign accounts.

The article at zdnet that I'm using as a source is called Super Glue, guess what the banks officials decided to do after they found out? Right, they decided to glue the keyboard cables to the computer, making it impossible to connect a device in between.

Update: The device is no longer available on the site it was offered on.

Update 2: I was asked to provide more information about hardware keyloggers and how they work. Hardware keyloggers usually are made of a controller that records the datastream between the computer keyboard and computer, and Flash storage to record the data.

The issue with these types of keyloggers is that they need to be attached to the computer when they are installed, and that they also need to be removed again to access the information. Their main advantage over software based keyloggers is that users usually do not look at the back of the PC to find out if a new device has been attached there, and that it cannot really be detected by antivirus software or other security software. The likelihood of discovery is much higher when it comes to software-based keyloggers, as both security software and manual inspection of a PC's processes can reveal the existence.

Regular hardware keyloggers that use internal storage to record the keystrokes are the most common form, but there are others. Wireless sniffers can be installed to record the traffic of wireless keyboards, provided that the encryption key used can be decrypted (either directly or once the keylogger is removed). Another possibility is the manipulation of the computer bios or keyboard, to record keystrokes this way, or the installation of an expansion card.

Some hardware keyloggers transfer the keystrokes over wireless connections so that no internal storage is required, and attackers do not have to detach the keyloggers manually to get the data.

Advertisement

Related content

bitwarden

Bitwarden launches passkeys support in mobile apps for Android and iOS
Intel

Microsoft publishes new Registry security mitigation for Intel processors (Spectre)

KeePassXC adds support for Passkeys, improves database import from Bitwarden and 1Password
Malwarebytes 5

First look at Malwarebytes 5.0
RustDoor malware targets macOS users by posing as a Visual Studio Update

RustDoor malware targets macOS users by posing as a Visual Studio Update
keys

KeePass 2.56 released: options search and history improvements

Previous Post: «
Next Post: «

Comments

  1. wow said on June 27, 2006 at 11:36 pm
    Reply

    how they do it

    any ideas ……….

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.

Advertisement

Spread the Word

Advertisement

Hot Discussions

Advertisement

Recently Updated

Latest from Softonic

Advertisement

About gHacks

Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.

The name and logo of Ghacks are copyrights or trademarks of SOFTONIC INTERNATIONAL S.A.
Copyright SOFTONIC INTERNATIONAL S.A. © 2005- 2024 - All rights reserved