Hi, >As per my knowledge, there are no such keyloggers or spywares which uses any technique to defeat virtual keyboards. >However, the technique that I am going to discuss here can be used by malicious program writers to write next generation >viruses / worms to defeat such virtual keyboard protections. >Hence, I hope people who are using Virtual Keybords shouldn't stay very over-confident.
Very wrong ;) There are such keyloggers in the wild...I had to "decipher" the logs of a keylogger that was attacking some banks over here. The logs had all the information, and all the banks in question used virtual keyboards. I had no chance to analyse the program... Virtual keyboards are not the solution. A much "better" alternative is a stealth program, who proxies the transactions. Call it a second order trojan, sitting there, stealthy, doing nothing, and when it seems some interesting transcation, just redirect it to another account, for example. That would be much harder to detect. The incident in question wasn't very hard to manage, because we had the login to the dump site, and logs were deciphered. That's one of the problems with keyloggers attack, what it captures must be dumped somewhere. fG! _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
