Can a Keylogger intercept cut and paste?

Dennis Faas

Infopackets Reader Windy H. writes:

" Dear Dennis,

I keep important information (such as credit card numbers) stored on my PC. The sensitive information, however, is disguised in such a way that if someone were to 'break in' to my PC, they would never realize that it is my credit card number.

Question: I always go back to my repository program to cut and paste my credit card number into order forms when I make a purchase online. If there was a stealth Keylogger installed on my system, would it be able to detect the numbers I am entering? "

My response:

The short answer is "yes": you are at risk. On a related note, not all Keyloggers are limited to monitoring input from the keyboard; they also monitor clipboard activity (cut and paste), desktop activity, instant messaging, emails, etc.

The long answer:

Any information, no matter how obfuscated it may appear, can be intercepted over the Internet, whether through a Keylogger, an unsecured [wireless] network, a web server, or at any other point the information passes through as it travels from point A (your computer) to point B (the other computer / web server).

To understand why this is so, you need to know how information travels over the Internet. All information sent to and from your computer (via the Internet) is broken down into "packets". Packets hop along different paths on the 'net until they reach their destination. When all the packets are received by the destination computer, they are reassembled to form the whole (i.e., your entire credit card number). Different packets may take different routes; the Internet was designed this way for redundancy, so that if one "main route" were to shut down (for example), a packet can be redirected along another path.

Having said that: it is possible for a packet to be "sniffed" at any point during transmission. That does not necessarily mean that all your packets are compromised, but it is certainly possible to sniff a packet and have its contents analyzed.

For the most part, however, purchasing online is relatively secure provided that:

a) Your computer is up to date.

b) There are no rootkits installed on your computer (this includes a keylogger or spyware). Note that the only real protection against getting infected with a rootkit is keeping your computer up to date (a).

c) The web site you're dealing with uses a secure method for the transaction (i.e., a padlock is displayed in the browser and the security certificate is valid). A secure server encrypts data as it is sent from your computer to the web server. This makes the data next to impossible to decipher, even if it were intercepted at any point during the transmission.

d) The web site you're purchasing from is in good standing (i.e., the site is established and does not reside in a country that is known for high rates of fraudulent activities [Russia, for example]).

I hope this sheds some light ;-)

For further reading:

Using Trace Route and Ping to trace pathways on the Internet

Dennis' PC Security Tutorial

PS: An excellent password / credit card repository program I highly recommend is "RoboForm". It has the capability to encrypt the data it holds, can password protect all information in its repository, allows you to easily transport your passcards to another computer, and best of all -- it 'autocompletes' web forms so you don't have to enter the data yourself. I use RoboForm every single day (about 10 ~ 30 times each day)!

Roboform Review
