Short for keystroke logger, a keylogger can either be software or hardware that monitors and “logs” all of a computer or smartphone user’s keystrokes. While keylogging software is far more common than hardware devices, cybersecurity experts need to look for the hardware also when performing audits.
While keylogging technology is usually associated with nefarious intent, keyloggers are entirely legal. It’s their use that often runs afoul of the law. Most of them are commercially available to everyone, and their manufacturers provide an extensive list of circumstances where they’re legal to use. While the use of keylogging often falls within an ethical gray area, some of the advertised applications for this technology include:
- Law enforcement. Police agencies can obtain warrants to install keyloggers on suspects during criminal investigations to track their cyberactivity.
- Hotkeys. Many programs use keylogging abilities to enable specific program functions such as toggling between different keyboard layouts, such as Keyboard Ninja.
- Corporate use. Businesses feel justified in tracking employee use of company-supplied phones and computers both during and after business hours. Keyloggers are also installed on their workstations that are accessible by non-authorized personnel. This technology allows them to monitor what their employees are doing during the day as well as protect confidential trade secrets.
- Parental supervision. Keyloggers are a popular option for parents who want to track their children’s online habits. Besides recording, keyloggers can notify parents when their children have accessed certain types of websites.
- Infidelity. Spousal infidelity has a long history. Computers and smartphones may have facilitated “sneaking around,” but keyloggers have also made it easier to discover it. While federal and state law usually precludes using the evidence in court, many use it for their peace of mind or under the guidance of a divorce lawyer.
Whether these keylogging uses are justified depends on your subjective point of view. Despite their legality, thieves often use keyloggers maliciously to steal data appearing on cyber-payment platforms. And hackers continue to develop new hard to detect Trojan Viruses for data theft.
Web Parameter Tampering
Hackers manipulate the parameters and change the data exchanged between clients and servers. Such data includes user credentials, prices, and the quantity of merchandise. Cookies and form fields contain this data and are subject to manipulation.