How To: Defend from Keyloggers in Firefox with Keystroke Encryption

Defend from Keyloggers in Firefox with Keystroke Encryption

How to Defend from Keyloggers in Firefox with Keystroke Encryption

Null Byte is looking for moderators.

More threats to computers exist every day. Not only do we have computer viruses and malware, but we have rootkits and other nasty pieces of code that can log your keyboard strokes or even add your computer to a botnet to attack other websites. Your computer can be infected even if you have anti-virus software installed. I can't stress enough how easy it is for a hacker to write a piece of code that gets around every piece of anti-virus software.

Keystroke logging is the act of intercepting typed keys before they are displayed to the screen, then logging them to a file. This allows for intrusion and access to data—even passwords.

Normally, when a key is pressed and entered into a computer, the keystroke goes from the keyboard to the OS kernel. From there, it goes back out and prints to the screen. To intercept this, a keylogger must inject itself between the keyboard and the kernel. Since keyloggers go before the application, your passwords are never obfuscated or encrypted, which leaves them viewable in plain text in the keylogger's log files.

In this Null Byte, I'm going to teach you how to encrypt your keystrokes for free in the most sensitive of places—your web browser. There are solutions to encrypt every keystroke within Windows OS, however, they all come with a price tag.

Requirements

  • Firefox
  • Windows

Step 1 Install the Addon

  1. Download the Firefox addon, KeyScrambler.
  2. Follow along with the video guide below for the basic installation.

Step 2 Setting It Up

After the installation, you may require a reboot. As you can see in the video, there are a few select settings that I had changed (you may wish to do the same). For now, as stated, this version only gives users encrypted keystroke protection in Firefox (or IE, but who uses that?). In order to obtain full OS protection, you need to purchase the full version. Currently, there isn't a free or open source keystroke encryption program available.

I recommend that you change one setting in particular. It's an animated popup notification, and no offense to the developers, but it is terrible and lags on my system, so I'm pretty sure it's worth disabling. The popups are annoying anyways, they just tell you when your keystrokes are being protected.

  1. Open Firefox.
  2. Go into the addon preferences and select KeyScrambler.
  3. Disable animated popups.

How to Defend from Keyloggers in Firefox with Keystroke Encryption

I am currently planning to code an open source key encryption software for Linux. Currently, none are available. Feel free to contact me if you would like to code it with me.

Follow and Chat with Null Byte!

Image by battleshipcove

6 Comments

Keystroke encryption software exists for mac as well. KeyScrambler personal (the same shown above) albeit in an older version, is available for mac here: http://keyscrambler-personal.softpedia.com/

Thanks :D. If I'm not mistaken, I may have seen a few free ones laying around. Idk why there isn't one for Linux :/.

Great article. I'll be setting this up on both my computers at home. Also, I'd be stoked to help you code the encryption software, but I'm nowhere near the skill level that's probably needed for that. Oh well. I'd still be willing to test/help out in any way I can, though.

Thanks :). It'd be cool to get this done. I just need to learn more Xlib.

most likely they reason they dont have one for linux is all the dumb computer people use windows, we all know that most of those people end up with viruses

While possibly true, I think you have some kind of logic flaw..

Share Your Thoughts

  • Hot
  • Latest