Originally, a keylogger is special hardware or software that records every keystroke on the target device. However, modern keyloggers are capable of much more than that. Actually, they are software packages that include such most universal features as capturing screenshots, visited websites, social media and IM activity, application tracking and others.
There are two types of keyloggers: hardware and software ones.
A hardware keylogger is a small device consisting of a microcontroller and a non-volatile memory device, such as a flash memory. The device is plugged between the computer and a keyboard and stores all recorded information which can be retrieved later by typing a special password in the text editor of the computer. A sure drawback of this type of keyloggers is their limited functionality - they can record only pressed keys.
A software keylogger is a small program which is installed directly on the target device. After the installation which takes 2-3 minutes, the program works in the background undetected and captures not only keystrokes but all user activity. The activity is saved in a log file which can be viewed from the target device or sent to a monitoring account, by email or other means depending on the functionality of the program. In this article, we will cover this type of keyloggers in more detail.
Keyloggers can be installed directly or remotely. Most commercial keyloggers will require direct access to the target computer with the admin privilege to be installed. The installation and initial set up usually takes no more than 2-3 minutes and doesn't differ much from a usual program.
However, keyloggers can be installed remotely and silently without you even knowing they are there. For example, this method can be used in large companies who implement employee monitoring systems. Here installing a program on each computer is too time-consuming that is why company IT specialists can employ Group Policy to install the program on all computers at once. However, the remote installation may also be used by hackers to acquire sensitive data such as passwords, bank accounts or personal correspondence. For example, you receive an email about a secret sale in one of your favourite online shops, but details of the sale are in the attachment. Don't rush to open the attachment immediately, take time to make sure the offer was indeed sent from the shop's official email address. No? Then, most probably, the attachment contains a keylogger which will be installed as soon as you open the file. A keylogger can also be installed when you click a suspicious link in the email or on an unfamiliar website. Luckily, not all keyloggers support remote installation.
Keyloggers save recorded activity in a log file - a kind of a journal which contains not only the event, for example, the typed word, but also additional information about it such as date and time when it happened and the name of the application or a website where it was typed. The data can be viewed in chronological order or filtered to display only a certain type of events, for example, screenshots or visited websites.
Depending on the functionality of the chosen keylogger, log files can be viewed locally on the target computer or sent automatically to an online monitoring dashboard, by email, Google Drive, Dropbox, FTP, LAN etc. In the latter case, viewing data becomes much more convenient as you can check the user's activity remotely without getting access to the target computer.
As we can see, keyloggers collect huge amounts of data about the user's daily activity on a computer and online habits. This data can be used later for various purposes. A thoughtful employer can implement such a monitoring system to find out habitual slackers and protect the company from corporate data leakages. Next, keylogger data is useful for worried parents who want to keep an eye on their children's activity online. If you suspect your partner of infidelity, a keylogger program may help you either to dispel mistrust or to get an irrefutable proof.
However, the coin has a reverse side to it. Keylogger software may also serve evil purposes, such as stealing passwords or other sensitive data.
Whatever purpose keyloggers are used for, it raises the next question.
Obviously, the answer depends on the purpose a keylogger is used for. If you install the keylogger on the computer that you own, there is nothing illegal about it. The same applies to parents who monitor their children's Internet activity. If you are an employer, you are obliged to notify the staff that they are being monitored and to use the software only in the areas where laws permit such type of monitoring.
On the other hand, unauthorized monitoring of devices that do not belong to you may result in serious legal consequences. It is unlawful to install keyloggers on another person's computer without their knowledge, even if this person is your partner or spouse. More than that, using a keylogger for criminal purposes such as stealing passwords, accounts and other sensitive data is evidently illegal and will lead to monetary and law penalties.