keylogger | Breaking Cybersecurity News | The Hacker News

"The right keyboard can make all the difference between a victory and a defeat in a video game battlefield." If you are a gamer, you can relate to the above quote. But what if your winning weapon betrays you? The popular 104-key Mantistek GK2 Mechanical Gaming Keyboard that costs around €49.66 has allegedly been caught silently recording everything you type on your keyboard and sending them to a server maintained by the Alibaba Group. This built-in keylogger in Mantistek GK2 Mechanical Gaming Keyboard was noticed by a few owners who headed on to an online forum to share this issue. According to Tom's Hardware , MantisTek keyboards utilise 'Cloud Driver' software, maybe for collecting analytic information, but has been caught sending sensitive information to servers tied to Alibaba. After analysing more closely, Tom's Hardware team found that Mantistek keyboard does not include a full-fledged keylogger. Instead, it captures how many times a key

It seems sophisticated hackers have changed the way they conduct targeted cyber operations—instead of investing in zero-days and developing their malware; some hacking groups have now started using ready-made malware just like script kiddies. Possibly, this could be a smart move for state-sponsored hackers to avoid being attributed easily. Security researchers from multiple security firms, including Arbor Networks and FireEye , independently discovered a series of malware campaigns primarily targeting aerospace, defence contractors and manufacturing sectors in various countries, including the United States, Thailand, South Korea and India. What's common? All these attack campaigns, conducted by various hacking groups, eventually install same information and password stealer malware—dubbed FormBook —on the targeted systems. FormBook is nothing but a " malware-as-as-service ," which is an affordable piece of data-stealing and form-grabbing malware that has been

Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto , a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible. The most valuable thing about CDP is that it does not use snapshots, agents, or any other periodic data protection methodology. Zerto has no impact on production workloads and can achieve RPOs in the region of 5-15 seconds across thousands of virtual machines simultaneously. For example, the environment in the image below has nearly 1,000 VMs being protected with an average RPO of just six seconds! Application-Centric Protection: Group Your VMs to Gain Application-Level Control   You can protect your VMs with the Zerto application-centric approach using Virtual Protection Groups (VPGs). This logical grouping of VMs ensures that your whole applica

Cyber criminals are becoming more adept, innovative, and stealthy with each passing day. They have now shifted from traditional to more clandestine techniques that come with limitless attack vectors and are harder to detect. Security researchers have discovered that one of the most dangerous Android banking Trojan families has now been modified to add a keylogger to its recent strain, giving attackers yet another way to steal victims sensitive data. Kaspersky Lab's Senior malware analyst Roman Unuchek spotted a new variant of the well-known Android banking Trojan, dubbed Svpeng , in the mid of last month with a new keylogger feature, which takes advantage of Android's Accessibility Services. Trojan Exploits 'Accessibility Services' to Add Keylogger Yes, the keylogger added in the new version of Svpeng takes advantage of Accessibility Services — an Android feature that provides users alternative ways to interact with their smartphone devices. This change makes

Do you own a Hewlett-Packard (HP) laptop? Yes? Just stop whatever you are doing and listen carefully: Your HP laptop may be silently recording everything you are typing on your keyboard. While examining Windows Active Domain infrastructures, security researchers from the Switzerland-based security firm Modzero have discovered a built-in keylogger in an HP audio driver that spy on your all keystrokes. In general, Keylogger is a program that records every keystroke by monitoring every key you have pressed on your keyboard. Usually, malware and trojans use this ability to steal your account information, credit card numbers, passwords, and other private data. HP computers come with Audio Chips developed by Conexant, a manufacturer of integrated circuits, who also develops drivers for its audio chips. Dubbed Conexant High-Definition (HD) Audio Driver, the driver helps the software to communicate with the hardware. Depending upon the computer model, HP also embeds some code i

Security researchers have discovered a new Mac malware allegedly developed by APT28 Russian cyber espionage group who is believed to be responsible for 2016 presidential election hacking scandal. A new variant of the X-Agent spyware is now targeting Apple macOS system that has previously been used in cyber attacks against Windows, iOS, Android, and Linux devices. The malware is designed to steal web browser passwords, take screenshots of the display, detect system configurations, execute files and exfiltrate iPhone backups stored on the computer. The X-Agent malware is tied to Russian hacking group known as APT28 — also known as Fancy Bear, Sofacy, Sednit, and Pawn Storm — that has been operating since at least 2007 and is allegedly linked to the Russian government. "Our past analysis of samples known to be linked to APT28 group shows a number of similarities between the Sofacy/APT28/Sednit Xagent component for Windows/Linux and the Mac OS binary that currently forms

Hackers can steal your sensitive information, such as your Passwords, PINs and Keystrokes, from your phone by observing changes in the wireless signal as you enter them into your smartphones. A group of researchers from the Shanghai Jaio Tong University, the University of South Florida and the University of Massachusetts at Boston have demonstrated a new technique that can reveal private information by analyzing the radio signal Interference, using just one rogue WiFi hotspot. Dubbed WindTalker, the attack sniffs a user's fingers movement on the phone's touchscreen or a computer's keyboard by reading the radio signal patterns called Channel State Information (CSI). CSI is part of the WiFi protocol which provides general information about the status of the WiFi signal. " WindTalker is motivated from the observation that keystrokes on mobile devices will lead to different hand coverage and the finger motions, which will introduce a unique interference to the mult

Radio-based wireless keyboards and mice that use a special USB dongle to communicate with your PC can expose all your secrets – your passwords, credit card numbers and everything you type. Back in February, researchers from the Internet of things security firm Bastille Networks demonstrated how they could take control of wireless keyboards and mice from several top vendors using so-called MouseJack attacks. The latest findings by the same security firm are even worse. Researchers have discovered a new hacking technique that can allow hackers to take over your wireless keyboard and secretly record every key you press on it. Dubbed KeySniffer , the hack is death for millions of wireless, radio-based keyboards. The Cause: Lack of Encryption and Security Updates The KeySniffer vulnerability affects wireless keyboards from eight different hardware manufacturers that use cheap transceiver chips ( non-Bluetooth chips ) – a less secure, radio-based communication protocol. T

Yes, you heard me right. A newly discovered Facebook hacking tool actually has the capability to hack Facebook account, but YOURS , and not the one you desire to hack. How to Hack Facebook account? How to Hack my Girlfriends Facebook account? My boyfriend is cheating on me, How do I hack his Facebook Account? These are the queries that most of the Internet users search on Google. But Beware! If you come across any Facebook hacking tool that promises you to help you hack your friends Facebook accounts, you may end up downloading a hacking tool that could hack you, instead of them. Facebook  Hacking Tool that Can Really Hack, But Your Accounts Dubbed Remtasu , the tool is marketing itself as a Facebook hacking tool but actually is a Windows-based Trojan that has accelerated globally over the past year, and has now capability to disguise itself as an app for accessing people's Facebook account credentials. The tool contains a Keylogger that can captur

Another day, another stunning Malware – this time targeting banks, payment card processors, and other financial services. Security researchers have uncovered a sophisticated payment card malware that executes before the operating system boots, making the malware very difficult to detect and much less remove. The malware in question is part of " Nemesis " – a malware suite that includes all software programs for capturing screens, transferring files, injecting processes, logging keystrokes, and carrying out other malicious activities on the infected computers. Nemesis malware family has been seen in the past, targeting banks, ATMs, financial transaction processing, credit unions, and financial business service companies. Nemesis Bootkit Malware – Reappears even after Re-installation of the OS The malware with bootkit functionality has been in operation since early this year and has the ability to modify the legitimate VBR ( Volume Boot Record ) that ma

Security researcher has developed a cheap USB wall charger that is capable to eavesdrop on almost any   Microsoft   wireless  keyboard . MySpace mischief-maker Samy Kamkar has released a super-creepy keystroke logger for Microsoft wireless keyboards cunningly hidden in what appears to be a rather cheap, but functioning USB wall charger. The stealthy Arduino-based device, dubbed " KeySweeper ", looks and functions just like a generic USB mobile charger, but actually sniffs, decrypts, logs, and reports back all keystrokes from a Microsoft wireless keyboard. " KeySweeper is a stealthy Ardunio-based device camouflaged as a wall charger that wirelessly sniffs, decrypts, logs and reports-back all keystrokes from any Microsoft wireless keyboard in the vicinity," Kamkar said. The security researcher has also released instructions on how to build the USB wall charger online and surprisinglyits is cheap to build and quite capable. KeySweeper includes a web

Once again USB has come up as a major threat to a vast number of users who use USB drives – including USB sticks and keyboards. Security researchers have released a bunch of hacking tools that can be used to convert USB drive into silent malware installer. This vulnerability has come about to be known as " BadUSB ", whose source code has been published by the researchers on the open source code hosting website Github , demanding manufacturers either to beef up protections for USB flash drive firmware and fix the problem or leave hundreds of millions of users vulnerable to the attack. The code released by researchers Adam Caudill and Brandon Wilson has capability to spread itself by hiding in the firmware meant to control the ways in which USB devices connect to computers. The hack utilizes the security flaw in the USB that allows an attacker to insert malicious code into their firmware. But Wait! What this means is that this critical vulnerability is now ava

This week Microsoft announced the next version of its Operating system, dubbed WIndows 10, providing Windows 10 Technical Preview release under its " Insider Program " in order to collect feedback from users and help shape the final version of the operating system, but something really went WRONG! " Inside Microsoft's Insider Program you'll get all the latest Windows preview builds as soon as they're available. In return, we want to know what you think. You'll get an easy-to-use app to give us your feedback, which will help guide us along the way ." Microsoft website reads . Well, how many of you actually read the " Terms of Service " and " Privacy Policy " documents before downloading the Preview release of Windows 10? I guess none of you, because most computer users have habit of ignoring that lengthy paragraphs and simply click " I Agree " and then " next ", which is not at all a good practise. Also Read:   Deep Web Search Engines .

A new surge of malware has been discovered which goes on to infect hundreds of thousands of computers worldwide and allegedly steals users' social and banking site credentials. Few days back, a list of 5 million combinations of Gmail addresses and passwords were leaked online. The search engine giant, Google said that Gmail credentials didn't come from the security breaches of its system, rather the credentials had been stolen by phishing campaigns and unauthorized access to user accounts. Just now, we come across another similar incident where cyber criminals are using a malware which has already compromised thousands of Windows users worldwide in an effort to steal their Social Media account, Online account and Banking account Credentials. A Greek Security Researcher recently discovered a malware sample via a spam campaign (caught in a corporate honeypot), targeting large number of computers users rapidly. He investigated and posted a detailed technical analyses of

I am considering that you all must have read my last article on OpenSSL Heartbleed , a critical bug in the OpenSSL's implementation of the TLS/DTLS heartbeat extension that allows attackers to read portions of the affected server's memory, potentially revealing users data, that the server did not intend to reveal. The Heartbleed vulnerability made headlines around the world and my last article explains everything about probably the biggest Internet vulnerability in recent history, but still some readers are not aware of its nature, otherwise they would not have been a victim of the spam campaigns. Spammers are very smart on gaining from every opportunity they get, so this time they are taking advantage of the infamous Heartbleed bug and frighten the users into installing Anti-Heartbleed Software onto their systems, which is obviously a malware. The researchers at Symantec have unearthed a spam campaign targeting people by sending spam emails that warns them their

ZeuS , or Zbot is one of the oldest families of financial malware , it is a Trojan horse capable to carry out various malicious and criminal tasks and is often used to steal banking information. It is distributed to a wide audience, primarily through infected web pages, spam campaigns and drive-by downloads. Earlier this month, Comodo AV labs identified a dangerous variant of ZeuS Banking Trojan which is signed by stolen Digital Certificate belonging to Microsoft Developer to avoid detection from Web browsers and anti-virus systems.  FREE! FREE! ZeuS BRINGS ROOTKIT UPDATE Recently, the security researcher, Kan Chen at Fortinet has found that P2P Zeus botnet is updating its bots/infected systems with updates version that has the capability to drop a rootkit into infected systems and hides the trojan to prevent the removal of malicious files and registry entries. The new variant also double check for the earlier installed version (0x38) of ZeuS trojan on the infecte

The devices are becoming smarter, therefore the chances to abuse them have increased. As the share of Android has become 87% in the global Smartphone market, so the Android is by far an elementary target of the mobile malware developers. The number of malware variants has increased rapidly and today 99 out of 100 mobile viruses are targeting Android Devices. Most of the sophisticated malware has the capability to steal keylogs , send text messages to the premium numbers, steal personal data without requesting permission from the device user, also have the caliber to modify SMS and MMS messages and contacts.  Mobile Malware can modify or steal the content stored on your device's SD card and some advance botnet  malware even can give complete remote control of your device to an attacker. DENDROID Beginning this month, we warned our readers from one such sophisticated android malware toolkit discovered by the Symantec researchers that dubbed as ' Dendroid ', which runs on HTTP prot