Keylogger

Also known as: Keystroke logger, Keylogging malware

Definition

Software or hardware that records the keystrokes a user types, used to steal passwords, financial data, or messages.

A keylogger captures keyboard input and either stores it locally or transmits it to an attacker. Software keyloggers run as user-mode hooks, kernel drivers, or browser extensions; hardware keyloggers sit inline between keyboard and computer or hide in modified peripherals. Attackers use them to harvest credentials, OTPs typed manually, banking data, chat messages and intellectual property. Keyloggers are common components of info-stealers, banking trojans and corporate-espionage toolkits. Defences include EDR with behaviour monitoring, MFA based on hardware keys (FIDO2), virtual keyboards for sensitive entry, physical inspection of workstation cables and disabling unused USB ports.

Examples

  • HawkEye and Agent Tesla, commodity info-stealers with built-in keylogging.
  • USB "keyboard-style" hardware keyloggers inserted into shared workstations.
