Defeating Hardware Keyloggers - gHacks Tech News

Defeating Hardware Keyloggers

You probably read my article about the bank heist in London where the robbers used a hardware keylogger to receive sensitive information that allowed them to perform wireless transfers. The bank made the decision to super glue every cable to the back of the personal computer making it impossible to add the keylooger between the keyboard and the computer after the incident.

Well, there is another possibility which means more work for the user: Onscreen Keyboards. Microsoft Windows comes pre-installed with an onscreen keyboard, open up the run dialog and enter osk.exe. (with the shortcut Windows-r to bring up the runbox).

An application looking similar to the one shown on the screenshot below will appear. You can now click on a symbol and it will appear in the form. This is great if you suspect that someone could log what you are typing. It's a good way to enter a password relatively safely. This is of course not 100% foolproof. What is meant by that? Some keyloggers take screenshots of the computer monitor in regular intervals which may reveal what you are doing even when you are using an onscreen keyboard to avoid using the computer's physical keyboard.

on screen keyboard

It is also possible to intercept keys that you click on in other ways. While this prevents hardware keyloggers from logging what you enter, it won't prevent a program that is logging all keys send on the system from recording your input.

If you do not want to use Microsoft's on-screen keyboard, you can use free alternatives like Click-N-Type, a free virtual keyboard for your PC that you can use for the very same purpose. It comes as a portable version that you can put on your USB Flash drive to take away with you. This can also be interesting of the Microsoft on-screen keyboard is disabled on a computer you are working on, or if you can't use the run box to launch it.

 





  • We need your help

    Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

    We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.

    If you like our content, and would like to help, please consider making a contribution:

    Comments

    1. Andy Buford said on April 24, 2006 at 4:49 pm
      Reply

      The best way is to just get a USB keyboard. I have never seen a hardware keylogger that wasn’t PS2.

    2. Josh said on May 24, 2009 at 8:47 pm
      Reply

      I don’t think the on-screen keyboard will really protect you:
      http://en.wikipedia.org/wiki/Keystroke_logging#On-screen_keyboards

    Leave a Reply