0 Members and 1 Guest are viewing this topic.
Form Grabber is an advanced (Crimeware based) keylogging method of capturing web form data. Often confused with traditional keylogging (recording individual keystrokes or hook based keyloggers). This type of keylogger intercepts the on submit API in browsers and collects web form data before it passes over the internet. This type of method is very effective in recording online banking passwords and other sensitive data because it only records login, password, IP, URL and other form fields. Traditional hook based keyloggers record all keystrokes pressed and creates bulky logs for attackers.
if the virtual keyboard was part of the webpage, it would defeat loggers ... The only way to hack it would be to capture and analyse the datastreams in both directions
I suppose, if the web application had direct access to the actual keyboard
... I found a patent that described exactly the same idea! Bummer.
KeyScrambler Personal is a free plug-in for your Web browser that protects your username and password from keyloggers. It defeats keyloggers by encrypting your keystrokes at the keyboard driver level, deep within the operating system. When the encrypted keystrokes reach your browser, KeyScrambler then decrypts them so you see exactly the keys you've typed. Keyloggers can only record the encrypted keys, which are completely indecipherable.
Perhaps we should move to Channel D?
Histiaeus did not like living in Susa, and made plans to restore his power in Miletus by instigating a revolt in Ionia. In 499 BC, he shaved the head of his most trusted slave, tattooed a message on his head, and then waited for his hair to grow back. The slave was then sent to Aristagoras, who was instructed to shave the slave's head again and read the message, which told him to revolt against the Persians.
Keylogger Note: While on-screen keyboards offer protection against hardware keyloggers, they do not offer protection against software keyloggers (which are far more common).