Keylogging Identity The Defense System TM. Whitepaper. Legal Club of America, 7771 W. Oakland Park Blvd. #217, Sunrise, Florida 33351, www.legalclub.com




Summary

Keyloggers are a serious security threat that can be extremely harmful to both businesses and consumers. Current mechanisms do not adequately protect users from these threats. We discuss a solution that helps users mitigate the keylogging threat and show how Legal Club of America can prevent information leakage to current as well as future keyloggers.

Introduction

Though PC users worry about spyware that tracks web site visits and crashes their PCs, there are more insidious threats out there. A more powerful breed of spyware can log keystrokes (including passwords and credit card numbers) and send that information to criminals. This type of software is called a keylogger.

A keylogger is a type of surveillance software that can record every keystroke you make to a log file (usually encrypted). A keylogger can record instant messages, e-mail, and any information you type at any time using your keyboard [4]. The log file created by the keylogger can then be sent to a specified receiver. Some keylogger programs will also record any email addresses you use and Web site URLs you visit.

This danger was recently highlighted when Sumitomo Mitsui Banking Corporation discovered a keylogger installed on its network in London [1]. There have been other high-profile cases. In 2003, keylogging software was discovered at more than 14 Kinko's locations in New York. The perpetrator installed the software and used it to open bank accounts with the names of some of the 450 users whose personal information he collected [2]. Also in 2003, Valve Software founder Gabe Newell found the source code to his company's Half-Life 2 game stolen after someone planted a keylogger on his computer [3].

Keylogging is a serious security threat that can be extremely harmful to both businesses and consumers.
By copying keystrokes, hackers are able to access private financial information such as bank accounts, credit card numbers, and social security numbers, all of which can be used for fraudulent activities that you won't know are occurring until the effects show up on a statement, a bill or a phone call, which could take days, weeks or months to surface.

How keyloggers are inserted into a victim's computer

A keylogger can be inserted into a victim's computer in several ways. It can be carried by a virus or spyware. It can come as an attachment in an e-mail. For example, the Corporate IT Forum (Tif) spam email contains a website link which, when clicked, causes a keylogger to be loaded onto the computer. It can even be embedded in an mp3 file or delivered via an XSS (Cross Site Scripting) attack.

How keyloggers work

Keyloggers work by hooking the Windows message queue. It is relatively easy to place a global hook and inspect all the Windows messages (such as keystroke messages) before they are sent to the application. The keylogger then logs the keystroke messages to a file. Typically, the keylogger communicates with the hacker via an IRC channel and delivers the captured keystroke file to the hacker. Many keyloggers also incorporate stealth mechanisms (using rootkit techniques) to hide their existence so that they cannot be detected by anti-virus software.

Why current tools don't work

All anti-spam and anti-virus tools are based on scanning a computer for files with a particular signature. The database containing the signatures of known bad files has to be continuously updated. The major caveat of this approach is that it depends on a signature already existing for a known problematic file. Spammers and criminals are currently deploying sophisticated software which dynamically changes the file signature. Therefore, anti-spam tools are no longer effective against keyloggers. Also, there is a significant delay between a new keylogger being detected on the internet and the anti-keylogging signature being updated in anti-virus/spyware software. This time gap can be a month to a couple of months.

Some anti-keylogging software prevents Windows hooks from being used by keyloggers (Windows hooks are used by keyloggers to spy on keystrokes sent from the keyboard to the application). However, these are not always effective and can be circumvented by keyloggers in most cases.

How does Legal Club of America protect users

Legal Club uses a different approach to defend against keyloggers. Rather than trying to detect keyloggers, it takes a preventive approach. It takes control of the keyboard at the lowest possible layer in the kernel. The keystrokes are then encrypted and sent to the browser via an out-of-band channel, bypassing the Windows messaging queue. Our system has a built-in self-monitoring capability. This prevents it from being bypassed by other software. If our software is tampered with in any way, it will warn the user of the breach.
[Figure 1. Legal Club of America. Diagram: "Vulnerable areas to malicious code, spyware and keyloggers". Labels: Internet, SSL Connection, Web Server.]

Vulnerabilities marked in the figure:
Vulnerability 1: User information can be stolen through a message-hooking keylogger
Vulnerability 2: User information can be stolen through filtering a keyboard driver
Vulnerability 3: User information can be stolen by replacing a software driver with a malicious keylogging driver

Normal data route without KeySecure TM (top to bottom):
Application Level (Web Browser Applications)
Messaging Service
Keyboard Driver
Hardware Driver (Keyboard Port)

Key Features:
1. Browser Launch Activation
2. Keystrokes Delivered Via an Invisible Pathway
3. Anti-Subversion Kernel Monitoring Program
4. Cryptocolor Technology

Key Benefits:
- Protects against NEW and EXISTING keyloggers
- Toolbar plug-in for IE6 and IE7 & Firefox
- Does not require any spyware database updates
- Eliminates time-consuming hard disk or memory scans
- Cryptocolor visually displays all encrypted fields
- Small memory footprint
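The data route in Figure 1 can be modelled to show which observation points encryption at a low layer takes out of play. This sketch is an added example, not code from Legal Club of America; the layer names, the `route` and `exposed_layers` functions and the HMAC-based keystream are assumptions made for illustration, since the whitepaper does not specify its cipher or interfaces.

```python
import hashlib
import hmac

# Keystroke route from Figure 1, lowest layer first (names are this example's own).
LAYERS = ["hardware_driver", "keyboard_driver", "messaging_service", "application"]


def keystream_byte(key, counter):
    """Keystream byte for one keystroke: HMAC-SHA256 stand-in, not the product's cipher."""
    return hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest()[0]


def route(text, encrypt_at=None, key=b""):
    """Send each keystroke up the layers and return what an observer at each layer records.

    If encrypt_at names a layer, the keystroke is encrypted as it leaves that layer
    and decrypted only inside the application (the out-of-band channel in this model).
    """
    seen = {layer: bytearray() for layer in LAYERS}
    for counter, value in enumerate(text.encode()):
        encrypted = False
        for layer in LAYERS:
            if layer == "application" and encrypted:
                value ^= keystream_byte(key, counter)  # decrypt at the endpoint
            seen[layer].append(value)                  # what a hook at this layer logs
            if layer == encrypt_at:
                value ^= keystream_byte(key, counter)  # encrypt on the way out
                encrypted = True
    return {layer: bytes(buf) for layer, buf in seen.items()}


def exposed_layers(text, seen):
    """Layers where an observer recovers the typed text verbatim."""
    return [layer for layer in LAYERS if seen[layer] == text.encode()]


if __name__ == "__main__":
    typed = "4111-1111 hunter2"  # constructed sample input
    key = bytes(range(32))       # constructed demo key
    for point in (None, "keyboard_driver", "hardware_driver"):
        print(point, "->", exposed_layers(typed, route(typed, point, key)))
```

In this model the messaging service stops seeing plaintext as soon as encryption happens below it, while any layer at or below the encryption point, and the application itself, still handle the keystrokes in the clear.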

The following table shows a comparison of Legal Club to other anti-keyloggers.

| Other Anti-Keylogger Products | Legal Club of America |
|---|---|
| Blacklist/whitelist based | Windows systems internals based |
| Requires updates on a regular basis | Does not require updates |
| Retroactive defense based | Pro-active defense based |
| Does not encrypt input | Encrypts all input to programs |
| Circumvention very easy by manipulation of file names and sizes | Very hard to circumvent |

Table 1. Legal Club of America features comparison

CryptoColor

Our Keylogging Defense System uses a unique method to indicate to the user that the product is working and that the user input is secured. It colors the text input box in which the user is entering data. The color can be selected by the user. This provides strong visual feedback to the user that they are operating in a secure environment and that their keystrokes are secure.

CryptoColor keystroke encryption shows you it's on and ready (by shading the active typing area).

CryptoState

In certain cases, our system is not able to secure the user input. This happens with certain non-HTML pages and certain types of popups. In such a scenario, our system warns the user that encryption is off by changing the color of a status button on the Legal Club toolbar. There are three states: (1) Activate (activate software license), (2) On (indicates that keystrokes are being encrypted), and (3) Off (indicates that keystrokes are not being encrypted).

Keylogging Defense Software is available in consumer and corporate versions

Consumer Version: To secure a user's entire internet experience. In this scenario, our defense system is automatically launched every time the browser is opened for any type of online activity, i.e. banking, shopping, browsing, email etc. As a consumer, this option requires the user to download and install the Legal Club toolbar into their internet browser.

Corporate Version: To protect every web session. In this scenario, our defense system is purchased and distributed by a corporation to its employees to protect all online activities, whether on a corporate network or working remotely. This option requires a system administrator to distribute an executable file and an activation key. Great for corporations, government agencies, banks etc.

Audience: Consumers, Corporations, Government Agencies, Financial Institutions, email Providers, ISPs, Hosting Providers, Telephony Operators, Device Manufacturers (USB, Appliances) etc.

Protects: Usernames & Passwords, URL Addresses, account numbers, credit card numbers, SPF numbers, anything typed into email and all other online applications.

References

1. Keyloggers Foiled In Attempted $423 Million Bank Heist, Gregg Keizer, Security Pipeline. http://www.securitypipeline.com/showarticle.jhtml?articleid=159901843
2. JuJu, Kinko's, and the "Keystroke Caper"!, TechSpot. http://www.techspot.com/news/6478-juju-kinkos-and-the-keystroke-caper.html
3. Popular computer game code stolen by hackers, Paul Roberts, Computer World. http://www.computerworld.com/securitytopics/security/story/0,10801,85845,00.html
4. Definition: Keylogger, Webopedia. http://isp.webopedia.com/term/k/keylogger.html