Keyloggers are a serious threat for all computer users, but especially for users who work with sensitive data, do online shopping or any other kind of financial or security related activities on the Internet.
The biggest threat in regards to keyloggers comes in my opinion from trojans, viruses and other malware that log keystrokes once they are running on a system. There are other possibilities though how keyloggers can be installed on a system including hardware keyloggers that are added to the PC or local hacks (Check out how to defeat most keyloggers, including hardware keyloggers, to verify that none are installed on your PC).
Keyscrambler for Firefox is an add-on that encrypts the keystrokes on the keyboard to decrypt them again in the browser. This ensures that keyloggers can only log the encrypted keystrokes which protects the original data. Every time you enter data in a sensitive area an overlay is displayed which displays the encrypted keystrokes. The data is of course encrypted and entered correctly in the form to ensure that you can use the service as usual.
This add-on seems to be only working with Windows because it installs some additional files during the installation of the add-on which open a normal windows installation dialog. I did not experience the troubles that other users experienced while using the extensions. It ran without any issues during tests.
Update: KeyScrambler has been discontinued. The Keylogger Beater add-on for the Firefox web browser is an alternative.
Once you have installed Keylogger Beater in Firefox you can activate the extension with the shortcut Ctrl-Alt-k. You will see a virtual keyboard attached to all forms that you click on in the browser. You can hide the virtual keyboard at any time with the Esc key.
If you want to enter something in the form, you have two options to do so. You can use the keyboard or the mouse to do just that. As you can see on the screenshot above, the virtual keyboard displays real and shadow keys, and you basically need to type the shadow key on your keyboard to enter the real key in the form. A keylogger logging your input will only log the shadow key that you have pressed, and since those change with every loading, it is impossible to link shadow keys to real keys once the virtual keyboard has been closed.
The only option that attackers have is to not only log the keys that you press but also to take a screenshot of the key map so that real keys and shadow keys can be linked to each other.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.