Having been the victim of a keylogging virus - having to go out to dozens of sites and change my password for sites I had visited between the time the keylogging software got on my computer and when my virus checker found it, I strongly object to this software being distributed -on a free basis or NOT. I am a big fan of GAOTD, but frankly, I hope you get sued by the future victims of this software.
Keylogging Spyware.
(3 posts) (2 voices)-
riverboatsam
MemberPosted 11 years ago # -
mikiem2
Moderator"I strongly object to this software being distributed -on a free basis or NOT. I am a big fan of GAOTD, but frankly, I hope you get sued by the future victims of this software. "
Well, totally FWIW, I don't think any cybercriminals are or would pay Any attention to Krylack's keylogger -- there are more than enough malware apps already in circulation that they use, including malware development kits. Like anything else the Ultimate Keylogger app could be misused, for example hacking into a spouse's e-mail accounts looking for dirt prior to divorce could possibly get you sentenced to jail time [depending on laws where you live etc.], but it's actually intended to keep you & your network more secure. I'm not going to argue ethics or morality, nor say where I stand in the debate -- with the current NSA stuff all over the news there's more than enough open debate on essentially if the ends justify the means. From a purely selfish perspective I'm glad GOTD is hosting Ultimate Keylogger -- otherwise some folks would resort to less savory sources, grabbing a keylogger from someplace they probably shouldn't, winding up contributing to yet another botnet for cybercriminals, & that effects us all.
Most all virus & other malware infestations, like successful hacking requires a user on the system to do something -- a fresh Windows PC running up to date security software, & connected to the Internet through the usual router with NAT is actually pretty secure... for the system's security to be breached it takes the user doing something like downloading & running a file, or filling out a form on a website that mimics a legit site etc. IOW it's terribly difficult for someone to reach out & infect your PC/laptop from outside your home or biz. OTOH an unsecured or I guess I'd say less properly secured home or biz network can be breached, particularly wireless, & someone doing something unwise or malicious on one of your home or biz PCs can cause infection to spread to other PCs on a home or biz network.
Usually once malware has the initial foothold, say once you've downloaded & run the initial file that give the bad guys access to your system, that malware can call home for instructions -- it may be told to sit quietly, checking back at regular intervals, & you've just become a number in someone's bot-net. Or it may be told to download & run other malicious software, e.g. a keylogger, saving captured data & sending it home periodically.
At any rate the point I'd make is that users & administrators play an active role in most every security breach, by running malicious apps or scripts, &/or by failing to follow best practice security-related guidelines, &/or by paying too little attention to what's going on with their PCs/servers/networks. Some hacker working on their own or for some gov is not going to magically infiltrate your systems like in a movie. Even the US gov it seems, who gave cybercriminals a great tutorial with the Very sophisticated Stuxnet, relies on someone somewhere unlocking the doors, can't just gain access from outside a network -- if they could do it all on their own, if it was that easy, why would they risk the sort of public outrage & scandal they're facing now, after revelations that all these big companies have been giving them access.
Parents regularly try to make sure their kids aren't doing something they shouldn't, just like employers watch their employees -- in many [most?] places both have some legal obligation to prevent those under their authority from doing something bad. Ultimate Keylogger is just one of many methods &/or tools that they might use. On its own a keylogger isn't any more malicious than the Very popular TeamViewer -- both are commonly [mis]used for criminal purposes -- and for those without an IT staff that can provide more sophisticated monitoring, a keylogger might help stop an employee from infecting the network &/or stealing IP, just like it might help a parent keep their PCs uninfected, by keeping an eye on what their kids are doing, &/or may even help save their kid's life [kids have been *mislead* by many a predator on-line].
Posted 11 years ago # -
mikiem2
ModeratorFrom the download page comments...
#6: “Ultimate Keylogger (…) monitors all activities (…) including (…) passwords” and “is completely undetectable. (…) it will not be listed in the task manager.”
If it’s true, how can you offer such a dangerous program? Could someone tell me how to defend myself against such programs? Is it truly undetectable?"In a word, No.
To remain truly invisible requires a rootkit, which is why so many dred those... in a nutshell a rootkit modifies your system so certain files are literally invisible -- Windows will not see them. Otherwise apps/processes can hide to some extend, though apps like Sysinternals Process Explorer [free from microsoft.com] will show them running -- in fact the bad guys know & fear these Sysinternals apps enough that their malware is sometimes designed to prevent them from running. Malware processes also often try to disquise themselves by using the same names as legitimate Windows app/processes, or using names that sound like they belong to Windows -- that makes it harder for users to spot them. For the average user however good security software should spot a keylogger, if by heuristics [behavior patterns] if by not matching the pattern itself -- I would suspect that to use something like this you'd have to set that security software to ignore it, then perhaps password protect your security apps to prevent someone seeing & changing that.
* * *
#10: " For ultimate protection, install a virtual machine and do your surfing from there."
Good protection in many cases, yes, but VMs aren't bulletproof by any means, e.g. if your VM gets infected, malware *may* be able to spread to other systems via the same network connection that allowed them to get on-line. It is possible to isolate a VM pretty well, but I wouldn't want anyone to think that installing a VM is all they need to do to be perfectly safe.
* * *
#26: "What would be useful is if I had a text file log all the programs running in my computer or the internet activity so I know if someone i trying o hack into my computer."
Check out Process Monitor from Sysinternals at microsoft.com. The hard part is there's so much going on just running Windows that even with filtering you're talking loads & loads of data. As far as network activity, there are several apps that monitor & log that stuff for you, & many security apps [e.g. McAfee] can log every app that asks for outside access as well as log any attempts to connect to your PC/laptop. You are right, logging that stuff is helpful when/if tracking down malware or misbehaving software, but it can be enough work, going through the logs carefully, that unless you know you have a problem most won't bother with it.
* * *
#27: "Does anyone know if it’s possible the company or some other party could intercept the log files this program generates? I feel scared to install it because I don’t know if there is a way the information could be apprehended by others."
Set your firewall to block any of the app's files/processes from connecting to your network -- then either look at the logs yourself on the monitored system, or use a trusted app to sync files with a folder on your system via the network etc. Someone with access to the monitored PC, either physical or remote could access anything stored, so if the system were compromised then yes, they could get those files too.
Posted 11 years ago #
Reply
You must log in to post.