Keystroke Logger Caught

from the getting-all-the-scammers dept

Lots of stories popping up this week of people who are getting caught in their various scams. We had the guy who tried to extort Google and the guy who ran a phishing scam. Now, the latest, is that federal prosecutors have charged a California man with placing a keystroke logger on a computer at an insurance company that employed him. He’s been charged with illegal wiretapping and faces five years in prison. The interesting thing, though, is the only way they caught him was because he was fired from the company and asked another employee to remove the keystroke logger. In other words, it wasn’t any real detective work, but him telling someone. This means, if he hadn’t mentioned it, it’s likely this would have continued and no one would have noticed. It seems likely that things like keystroke loggers are becoming increasingly popular for those involved with corporate espionage – but it doesn’t seem like most companies do much to check if their computers are clean from such programs.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Keystroke Logger Caught”

Subscribe: RSS Leave a comment
Nonesuch (user link) says:

Hardware device?

It’s not entirely clear that the “keystroke logger” was software, and not a physical hardware device installed inline between the keyboard and the PC,

If it was a physical “keycatcher” device, then physical access would normally be necessary to view the logs.

I say “normally” because the fifty buck consumer versions simply dump the log out to the PC when the user-selectable password is typed — there are rumors of higher end products (some embedded in keyboards) with IR/RF/PCS transmission capability…


(P.S. I have no affiliation or affiliate kickback relationship with CyberGuys.)

Matt says:

Re: Hardware device?

Reading through this Techdirt entry, it didn’t even cross my mind that it was a software logger until the very end – I had assumed it must have been one of those hardware loggers.

Would make more sense if it were hardware – surely even the sloppiest insurance companies would prevent their employees from installing unauthorised software?

…or maybe not :p

JonnyRo (user link) says:

Keystroke Loggers

It is a very valid concern from an IT professional’s point of view to be worried about users having keystroke loggers, physical or otherwise, installed on their systems. Many users are non-technical and might operate for years without ever noticing a keystroke logger, heaven forbid they are duped into installing it themselves.

One way to catch such antics in an always networked environment would be to monitor outgoing internet traffic on weekends when no one is in the office to build a list of external sites that are connected to from internal computers to external addresses. As for the hardware loggers there really isnt much of anything that can be done, aside from maintaining a trusted computer behind a locked door that is used for extremely confidential stuff.

The problem with that approach is that you are increasing the effort required to use a resource, thereby reducing it’s utility. If you dont strike the right balance users will simply abandon/ignore secure operating practices.

Anonymous Coward says:

Which law?

I’ve read on many occasions that federal bugging laws only apply to voice communications. Hence, hidden cameras that did not record sound were OK, whereas hidden microphones were not. If that’s true, then how do federal bug laws apply to a keyboard logger? Can anyone here tell me exactly which law he is charged with violating?

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...