Term: keylogger

A keylogger is malware that “logs” or records your keystrokes or other activities on your machine. When you type in your user name and password to a website, the keystrokes are recorded, the information is saved, and these are made available to the hacker who put the keylogger on your computer. Keylogger programs can even take screen captures as you click your mouse, rendering many (if not most) attempts at bypassing keyloggers ineffective.

Keyloggers can work several different ways. They may:

* Send each keystroke immediately to some remote listener over the internet.

* Collect each keystroke in a temporary file, and then periodically upload that file to the author’s location over the internet.

* Collect each keystroke in a temporary file, much like a spam bot, and then listen for and receive instructions from the author. In other words, the logger could upload the collected information when requested.

The collected keystrokes may never be uploaded. Instead, if someone has remote access to your machine, or even worse, physical access to your machine, they could simply come by and copy the keylogged information manually.

Finally, keylogged information may not even be kept on your machine. There are hardware keyloggers that include a little flash memory that can be quickly inserted in between keyboard and computer to capture all the data. Some time after installing the keylogger, the person behind it picks up the device containing all your information.