Home  |  Products  |  Security Alerts  |  Reviews  |  Media Room  |  Updates  |  Help

Hardware Keylogger Detection

Hardware Keyloggers come in two versions:

-As small devices about the size of a AA battery that are plugged in-line with your keyboard.

-As a normal looking keyboard with an internal keylogger, or Trojan Keyboard.

These devices are generally used by companies to monitor employees, private investigators looking for evidence, or really serious identity thieves who want to keep track of what you do on your computer. 

Hardware keyloggers are generally advertised as being better than software keyloggers because they are undetectable.  This is true for the uneducated; however after reading this page you will be able to spot a hardware keylogger with ease!

A hardware KeyLogger is most often installed between your keyboard and computer, like this:

By taking a peek behind your system and following your keyboard cable, you can find out if there is something "odd" inserted between your keyboard and computer.

One of the most popular hardware keyloggers is KeyGhost (www.keyghost.com). You can visit that site for more information on hardware keyloggers and why they are such an intrusion into your privacy.  Here is a representation of what a hardware keylogger may actually look like installed:

-or-

Depending on the brand of your keylogger, it may differ from the above photo.  If you see a device about the size of a AA battery along your keyboard line, it could either be a filter, which is harmless, or a hardware keylogger.  Look at the device carefully for connectors which would make it removable.  If it appears that the device can be removed from in between the keyboard and computer, chances are that it is a hardware keylogger.

A hardware keylogger disguised as a real keyboard would be completely undetectable:

To prevent this threat, make sure that you are using the keyboard that shipped with your computer, or that YOU unpacked after purchasing from a reputable store.  If a "friend" offers a new keyboard for free and they may have an alterior motive, be very cautious!  If in doubt, buy a new keyboard as they're quite inexpensive.

REMOVAL OF A HARDWARE KEYLOGGER:

To remove a hardware keylogger, whether it it be an inline model or a trojan keyboard, follow these steps carefully:

1. Power off your computer and unplug it.  You could damage your system if you attempt to remove the keylogger while your computer is running!
2. Carefully disconnect the keyboard from your computer.
3. If it's an inline keylogger, simply remove it.  If it's a trojan keyboard, swap it with a known safe one.
4. Plug the keyboard directly back into the computer.  Make sure that it is plugged in completely, and be gentle as the connectors are somewhat fragile.
5. That's it!  Turn your system back on and run SpyCop to make sure that any of the software keyloggers or spy programs are not running!

WHAT IF I HAD A HARDWARE KEYLOGGER?

After removing the hardware keylogger, it is vital that you change ALL your passwords as they may have been compromised.  Think about your online banks and other services where personal information may be at risk and contact them to let them know that your data may have been stolen.

After removing the hardware keylogger, you may want to physically destroy the unit to ensure that the data contained within can not be retrieved.  Be aware, however, that some hardware loggers can send their data out secretly and do not require physical access after the device was initially planted.

Alternatively, the device may be evidence that you can use in a prosecution should it be a criminal theft.  If this may be the case, store the device in a safe place, being careful to avoid contamination of possible fingerprints and contact your local law enforcement for help.

Company  |  Affiliates  |  Privacy  |  Contact Us