Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Issue 108 - November 2010 - Page 3

Pages in this month's issue:
  1. Muslims Praying Every Friday in Streets of New York Protest Message
  2. Unfounded Facebook Rumour - Thierry Mairot Wants to Talk to Children About Sex
  3. Security Warning Message - Black Device Connected to Keyboard
  4. Got a pencil? - Amazing Pencil Tip Sculptures by Dalton Ghetti
  5. 'New' Italian Police Car - Lamborghini Crash
  6. 'Interesting Fact' About October 2010 - 5 Fridays, 5 Saturdays, 5 Sundays
  7. Jean Paul Garang Advance Fee Scam
  8. Revamped 'Life Owner' Hoax Uses Name of Real Virus - 'Here You Have It' Hoax Version
  9. Free Blackberry Storm for Forwarding Hoax
  10. Floating Rock 'Miracle' - Surprising Rock in Saudi Arabia
  11. Photographs of Monster Croc Caught at Borroloola
  12. Feeding the Eagles
  13. Corpus Christi - Gay Jesus Movie Hoax
  14. Rejected Federal Tax Payment Phishing Scam Email
  15. 'Bighorn Sheep' On Dam Wall Photographs
  16. Bogus Facebook Rumour - Thomas Cowling Wants to Talk to Children About Sex
  17. Fake iTunes Receipt Email
  18. 809 Area Code Scam Warning Email
  19. Baby Shot With Brad Nailer Prayer Request
  20. Internet Rumour - UNESCO Chooses Indian National Anthem as Best In The World
  21. Pen PC - Pen Shaped Miniature Personal Computer

Issue 108 Start Menu

Previous Article            Next Article

Security Warning Message - Black Device Connected to Keyboard

Outline
Message warns users of public computers to check for a black device that, when plugged into the computer's keyboard by a fraudster, can store all key strokes entered, including passwords.



Brief Analysis
Such keylogging devices do exist and they certainly can be used to steal personal information from unsuspecting computer users. Computer users should be aware that such devices exist and may be used to steal data. However, the devices are not new technology as suggested in the message and they are not always black. Keyloggers come in all shapes, sizes and colours. There are also software keyloggers that users may inadvertently download from malicious websites. Software keyloggers are probably a more potent security threat than the hardware devices described in the message,

Bookmark and Share
Detailed analysis and references below example.



Last updated: 1st October 2010
First published: 30th September 2010
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example
Subject: Beware the black device connected to the computer keyboard.

Beware the black device connected to the keyboard.

PLEASE BE CAREFUL WHENEVER YOU'RE USING A public computer (Like INTERNET CAFES, HOTELS, ETC ).

CHECK THE BACK OF THE PC AND SEE IF THE BELOW DEVICE IS THERE.... IF SO..then DO NOT USE IT!

Additional adapter
Black Device Keylogger
Black Device Keylogger


New storing device fits at the end of the keyboard cable connecting to the PC specialized to save all typed keys in it.

Mostly could be used in net cafes, exhibitions, hotels and airports therefore be careful especially the people who use the Internet in these places to enter their bank accounts online or any other important sites.

After you enter the bank account and leave the PC it will be easy to open your account again as all that you have typed has been saved in the Black device.

Therefore, you should check the PC for any suspicious piece behind it before using the net in public places for important sites.

Please send it to all who you know to educate them against this fraud.




Detailed Analysis
This warning message, which has circulated in various versions for several years, advises people using public computers such as those in Internet Cafes to watch out for a "black device" that can steal the user's data when connected to the computer's keyboard. The message claims that after the device has been plugged into the keyboard cable and then into the back of the computer, it can then record every keystroke entered into the computer. Thus, claims the message, when the fraudster who placed the device subsequently retrieves it, he or she will be able to harvest any information that the user has entered on the computer, including bank account details and other private information. The message normally includes pictures showing the black device and how it is installed.

Such devices do exist and are generally known as "key loggers". The brand of keylogger shown in the message is a KeyShark Key Logger and is available for sale at many different computer outlets and websites around the world. Product information about the device describes it as follows:
This is a device that can be connected to a keyboard to record all keystrokes. It has a changeable password, keyword search, enable/disable option, and stores over a years worth of data.

Keyshark plugs in between your keyboard and your computer. A microcontroller interprets the data, and stores information in the non-volatile memory (which retains the information even when there is a loss of power.) This means that the Key Shark device can be unplugged, and the information will not be lost.

To access the recorded data, you simply type menu in a text editor and the Key Shark comes to life. A menu is displayed with options to erase data, view data, search data for keywords, change password, or disable the device.
The black Keyshark Key Logger shown in the photographs is in fact only one kind of hardware keylogger. The devices come in all shapes and sizes and are not always black. There are also USB and wifi keyloggers as well as PS/2 devices like the one shown here. And despite the claim in the warning message, the devices are certainly not new. In fact, they have been around in one form or another for a number of years.

It should be noted that the devices themselves are not illegal and can be easily procured. Possible legitimate applications for keyloggers might be the monitoring of children's use of the Internet, permission based monitoring of staff activity or helping software developers learn how test users interact with new software products. Law enforcement agencies may also use the devices when gathering evidence or intelligence. That said, keyloggers can indeed be used for nefarious and illegal purposes.

So, what of the scenario described in the warning message? It is not impossible that criminals might use such tactics and may indeed have done so, especially if they were actively targeting a specific user. However, installing and later retrieving enough of the devices to enable the scammers to collect a meaningful amount of usable data seems a little problematical. The devices are not particularly cheap, so procuring enough of the devices to make such a scam consistently pay off could require a considerable monetary outlay for our would be hacker. Moreover, installing the device involves disconnecting the keyboard, plugging the keylogger into the back of the computer, and then reconnecting the keyboard - not a particular easy procedure to perform in a crowded Internet Cafe. Nevertheless, users of public computers would be wise to keep an eye out for such devices. An unscrupulous Internet Cafe owner or staff member could certainly install the devices unbeknownst to customers

All in all, however, a much more potent keylogging threat to users exists in the form of software keyloggers. Software keyloggers, which can perform the same function as hardware devices such as the Keyshark, are much cheaper and can potentially be installed on a great many more computers. Keylogger software in the form of trojans horses can be installed on thousands or even millions of computers via malware email campaigns that cost the criminal very little to implement. Therefore, it seems probable that serious criminals are considerably more likely to operate software keyloggers than use the more expensive and cumbersome hardware variety.

Bookmark and Share

References
KeyShark - Key Logger



Previous Article            Next Article

Issue 108 Start Menu

Pages in this month's issue:
  1. Muslims Praying Every Friday in Streets of New York Protest Message
  2. Unfounded Facebook Rumour - Thierry Mairot Wants to Talk to Children About Sex
  3. Security Warning Message - Black Device Connected to Keyboard
  4. Got a pencil? - Amazing Pencil Tip Sculptures by Dalton Ghetti
  5. 'New' Italian Police Car - Lamborghini Crash
  6. 'Interesting Fact' About October 2010 - 5 Fridays, 5 Saturdays, 5 Sundays
  7. Jean Paul Garang Advance Fee Scam
  8. Revamped 'Life Owner' Hoax Uses Name of Real Virus - 'Here You Have It' Hoax Version
  9. Free Blackberry Storm for Forwarding Hoax
  10. Floating Rock 'Miracle' - Surprising Rock in Saudi Arabia
  11. Photographs of Monster Croc Caught at Borroloola
  12. Feeding the Eagles
  13. Corpus Christi - Gay Jesus Movie Hoax
  14. Rejected Federal Tax Payment Phishing Scam Email
  15. 'Bighorn Sheep' On Dam Wall Photographs
  16. Bogus Facebook Rumour - Thomas Cowling Wants to Talk to Children About Sex
  17. Fake iTunes Receipt Email
  18. 809 Area Code Scam Warning Email
  19. Baby Shot With Brad Nailer Prayer Request
  20. Internet Rumour - UNESCO Chooses Indian National Anthem as Best In The World
  21. Pen PC - Pen Shaped Miniature Personal Computer