Home > CoDefender Overview > Anti-keylogging Explained

CoDefender™ Anti-keylogging Technology

What Are Keyloggers?

Keyloggers record your keystrokes as you type. This may be acceptable if know who is recording your keystrokes and you have given explicit permission for them to do so. However, malware writers and hackers have the ability to create, distribute and install keyloggers into your system without your knowledge. This typically happens through a user opening a virus infected file, opening infected email attachments, or simply visiting a compromised website. This may happen even if you have security products installed, such as anti-virus and anti-spyware programs. The reason for this is that most security products in the market rely on the use "signatures". These are distinctive patterns that a security software looks for when detecting malware. If a signature is not available, protection is also not available.

More sophisticated security products instead use behavioral models of how malware behaves to detect their presence. This may include the use of heuristics and the like. However, malware changes and new forms are continually being released by very clever cyber criminals. If the behavior model and/or heuristics are not programmed or updated, then the malware will simply slip through the security software.

Once installed, a keylogger has the ability to record every keystroke you type and send that information back to the hacker. Examples of some of the information that may be stolen:

• Passwords.
• Credit card details.
• Social security numbers.
• Personal information, such as name, address, phone numbers, fax numbers, and email.
• Information about your family, friends and colleagues.
• Sensitive corporate information.

How Does CoDefender Anti-Keylogging Technology Work?

CoDefender Anti-keylogging Technology works by encrypting your keystrokes at the driver level as soon as you type on your keyboard. Your keystrokes are then decrypted just before an application processes it. Keyloggers typically spy on your keystrokes as they travel through your system as it makes its way from your keyboard to the application you are typing into. By encrypting your keystrokes at the driver level before they travel through the main part of your system you are protected from malicious keyloggers.

By operating at a kernel driver level below even those used by some keyloggers, your keystrokes are encrypted and safe from kernel-level keyloggers.

Tight integration with protected applications ensure that decrypted keystrokes cannot be spied upon by keyloggers.

CoDefender Anti-keylogging Technology continues to operate to provide protection even when malware containing keyloggers penetrates through your existing security programs and runs on your system. CoDefender Anti-keylogging Technology does not rely on the use of signatures to provide you this level of protection.

Your standard computer operating without CoDefender Anti-keylogging Protection Modules is vulnerable to keyloggers that come in via worms, viruses and malware, as illustrated below:

Your computer running CoDefender software with Anti-keylogging Protection Modules is protected from keyloggers as illustrated below:

How Is It Different?

CoDefender Anti-keylogging Technology differentiates itself from other anti-keylogging technologies in the following ways:

• Extensive application protection - whether you open another window, browser tab, or type into password dialog boxes, you are protected by CoDefender software.
• Tight integration with the applications it protects. This provides a very high level protection from keyloggers.
• Each application is protected separately to cater for the different ways an application processes keyboard inputs.
• Protects against keyloggers including those based on Windows hooks and those operating at the user or kernel level. Keystrokes are encrypted before kernel-level keyloggers have a chance to record your keystrokes.
• Protects against keyloggers even if malware has penetrated through your existing security programs, such as anti-virus and anti-spyware software.
• Protects each application individually via CoDefender Protection Modules.
• Built on the CoDefender Extensible Security Architecture to support the automated delivery and installation of new and updated Protection Modules.

Physical Keyloggers

What if someone plugs in a physical keylogger between your keyboard and your computer system? CoDefender software does not protect you against physical keyloggers. If someone manages to secretly install a physical keylogger in your work environment, then you have bigger security issues to address that are currently beyond the reach of CoDefender software.

Wireless Keyboards

Wireless keyboards transmit keystroke data wirelessly, and as such may be vulnerable to keystroke logging by an external device. CoDefender software currently does not protect you from this type of keylogging. Please be careful and be mindful of your environment if you choose to use a wireless keyboard.

What CoDefender Anti-keylogging Technology Does Not Do

CoDefender Anti-keylogging Technology encrypts data to make it incomprehensible to cybercriminals who steal it via keyloggers and transmit it over a network. However, it does not encrypt data that has been properly transferred to protected applications. Currently, it is up to the protected applications to further encrypt the data before sending over a network. Web browsers already do this for secure sessions by encrypting data using the SSL protocol to secure the HTTP traffic. When this feature is on, your web browser displays an image of a lock and the URL starts with "https". Make sure CoDefender software is protecting the browser and the lock is displayed whenever you make an important Internet transaction via your web browser.