I published the following diary on isc.sans.edu: “Simple Python Keylogger“:
A keylogger is one of the core features implemented by many malware to exfiltrate interesting data and learn about the victim. Besides the fact that interesting keystrokes can reveal sensitive information (usernames, passwords, IP addresses, hostnames, …), just by having a look at the text typed on the keyboard, the attacker can profile his target and estimate if it’s a juicy one or not.
To follow up on my yesterday diary, Microsoft Windows provides API calls to implement a keylogger via API calls like GetKeyState()
and GetAsyncKeyState()
help to determine if a particular key is pressed. But, can attackers implement a keylogger in other languages… [Read more]