A keylogger is a software or hardware that will spy and log every single keystroke of your keyboard. Keyloggers can be used by criminals to steal passwords and other sensitive materials.
It is also possible to find keyloggers that are not necessarily malicious but on a thin moral border. One can buy a keylogger legally from different software houses to use them to monitor co-workers or family members, spouses, etc.
There are different ways one can get infected by a keylogger.
- Malicious link & attachment
- Website visit & file download
- Man in the middle attack
- Physical install
It’s the characteristic vector of attack, where the criminal will send a malicious email with either a link or an attachment that will contain the keylogger.
Once you open the attachment or you click on the link, the keylogger will install itself secretly on your computer.
Website visit & file download
You might find yourself on a website that has been compromised by exploits that will download files that contain the keylogger. Or maybe the hacked website will trigger an analysis of your computer to find current vulnerabilities or better know wholes in your security to download the file.
Man in the middle attack
A man in the middle attack is when a hacker accesses your router and tricks you in visiting malicious websites. Such websites are tailored to steal or make you download unwanted programs.
In this case you the attacker would need to have physical access to your computer to install the keylogger. There is also a way to install a keylogger without logging in to a device by plugging in a USB keylogger.