Helping people with computers... one answer at a time.
Malware and keyloggers on your machine can do anything, which includes cut and paste, drag and drop, screen keypads and more. Prevention is the only cure. To be safe, you need to protect yourself from all kinds of malware.
I use Keypass to store my passwords to various sites. Will keyloggers be able to get the login information when we use the drag and drop procedure? How about the password when we type to open the Keypass utility?
In this excerpt from Answercast #13, I look at what keyloggers might be doing on your computer, how to protect your valuable information, and how to stay safe on the internet.
If you have malware on your machine (and make no mistake about it, keyloggers are malware), then the malware can do anything. I want to emphasize the anything.
We often talk about keyloggers and the answer is, "Absolutely!" If a keylogger is only logging keystrokes, great... don't use a keystroke and chances are what you're doing won't be logged.
The problem is that oversimplifies a much larger problem.
People think they are safe because they've avoided this keystroke issue, when in fact, they're just as vulnerable as before because malware is more than keyloggers. Malware can monitor whatever you do.
So, for example, if you use drag and drop, what you're really doing is using a form of copy/paste. The important thing here is that if it's written properly, malware can insert itself into the drag and drop process and see what you're doing. Malware can certainly hook itself into whatever Keypass uses when it's accepting the password from you.
So, absolutely, malware can certainly record the password that you type into Keypass or any other password vault.
People have talked about using onscreen keyboards. They've used scrambling software. They've used all sorts of things.
But how do you know? The malware could easily be taking a screen shot; they could be monitoring other things in addition to keystrokes. You simply don't know that you're safe.
Do not assume that if you've protected yourself from keyloggers; you've actually protected yourself.
You must make sure that you're protecting yourself from all forms of malware before you can start to consider yourself even close to safe when it comes to this kind of hacking or malware intrusion.
End of Answercast #13 Back to - Audio Segment
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.