Kaspersky Alert: Beware of keyboard recorders spying on privacy

The computer user's important account number and the password are stolen, many times are the keyboard recorder causes. This kind of malicious program will record user's keyboard and mouse operation, even can intercept screen, steal user important data, the harm is very strong.

Kaspersky Lab recently intercepted a keyboard recorder called TROJAN-SPY.WIN32.KEYLOGGER.SCM, which is also a Trojan horse program. When the system is infected, it is injected into the system process Winlogon.exe and the key is judged, if it is recorded within a certain range. The Trojan can also determine the return key and window changes, respectively, record the key information in different windows. And the information that is recorded is added to the date, encrypted to the record file. And to send this data to network hackers. Once the infection, it is likely to cause the user's important data such as network Silver account password stolen. As shown in the following illustration:

Gets the current process path and then converts the path to lowercase and finally compares whether in the Winlogon.exe process

Make a judgment on a key if you record it within a range

Hook up

To determine whether or not to press ENTER is to add line breaks otherwise record the content

Punctuation information such as parentheses and dates

At present, all Kaspersky products can be the Trojan program to killing. Users only need to keep anti-virus database update can effectively intercept this trojan. Kaspersky Laboratories at the same time to remind the vast numbers of netizens, do not easily download and run documents of unknown origin, to avoid the damage caused by malicious programs.