Keylogger and Onscreen Keyboards


Keylogging means recording the keys stroke to get sensitive informations like passwords.
There are both hardware and software key loggers.
The price of hardware keyloggers starts at 35$. You can order them via Internet.
You can find free software keyloggers or demo versions for free or for about 35$ (for example have a look at ).

Defending keyloggers by virtual keyboards

While hardware keylogging can be prevented by virtual keyboards (onscreen keyboards), software keylogging is an almost unsoluble problem.
Almost all software keyloggers are able to monitore running programs, mouse clicks and they are also able to record screenshots. They typically make screenshots while a specific program is running and a mouse click is registered.

If keyloggers spy on passwords, they do not take a shot of the whole screen, so less storage space is required.
Thorsten Holz, Markus Engelberth, Felix Freiling carried out a study for the university of Mannheim: „Learning More About the Underground Economy: A Case-Study of Keyloggers and Dropzones“ (pdf).
They noted:
Furthermore, the malware can create screenshot of 50 × 50 pixels around the mouse pointer taken at every left-click of the mouse for specific sites. This capability is implemented to defeat visual keyboards, i.e., instead of entering the sensitive information via the keyboard, they can be entered via mouse clicks. This technique is used by different banks and defeats typical keyloggers. However, by taking a screenshot around the current position of the mouse, an attacker can also obtain these credentials.

Defending the record of screenshots

There are two strategies for virtual keyboards to defend screenshots:
  1. Hide the mouse cursor for some milliseconds when the mouse button was pressed. This will hinder the evaluation of whole screen screenshots.
  2. Cover an area around the mouse position when the mouse button was pressed. This will hamper the evaluation of small screenshots around the mouse position.

However, for any of such strategies there is a simple workaround for keyloggers:
Recording the mouse position for every click would make the first strategy useless, registering the mouse position and performing a screenshot one second later or just recording bigger screenshots would make the second strategy senseless.
There is no way to prevent Keylogger safely. But you can hamper some or even most of the existing keyloggers, especially the automated keystroke logging.

You can find an example of a simple virtual keyboard as source code (Java) here.

Other virtual keyboards written in Java are Vladimir Petrenkos Java Virtual Keyboard
or the Virtual-keyboard of james-d.