DELHI TECHNOLOGICAL UNIVERSITY

IT-321
MALWARE ANALYSIS ASSIGNMENT

KEYLOGGERS ANDROID MALWARE

NAME: JIM JOHN ODIWUOR
ROLL NO: 2K17/CO/189
 INDEX
1. INTRODUCTION

2. USES OF KEYLOGGER

3. HOW KEYLOGGERS SPREAD

4. HOW HACKERS INSTALL A KEYLOGGER

5. SIGNS SHOWING KEYLOGGER IS IN YOUR PHONE

6. HOW TO DETECT KEYLOGGER ON ANDROID PHONE

7. HOW TO PROTECT YOURSELF FROM KEYLOGGERS

8. CONCLUSION
 ANDROID KEYLOGGERS
INTRODUCTION
Keyloggers are malware designed to record your keystrokes, or when it comes to
mobile devices, the information you type on your device.
The keylogger softaware can also be found on surface web not only the dark web
readily available to the general public and indexed in the search engines is somewhat
shocking and disturbing.
Sadly, these apps are usually masquerading as parental control solutions, while other
developers are openly encouraging the surveillance of your friends and partners.
Android devices, along with laptops, and other electronic devices has both premium
hardware and software features.
These allow Android devices to function almost the same as our laptops or personal
computers. Given that, our Android devices have also become vulnerable to Android
keyloggers and viruses.
There are diverse kinds of keyloggers depending on the type of key login methods.
Keylogging involves tracking and recording every keystroke made on a keyboard
without the consent and knowledge of the user. It may be in the form of hard
hardware device or software piece of software. The most important aspect of
keylogger is that the login are prone to be used by fraudulent groups to access
sensitive information like username, password credit card numbers and the like.

USES OF KEYLOGGER
1. It can also be important security perspective to monitor their employees’
behavior . They may get notifications on the activities through keyloggers. Thus,
keyloggers can be used to keep employees’ behavior at the desired level.
2. Wives/husbands can also use keylogger technology to track the activities of their
spouses if they feel their spouses are indulging in extra-marital relationships,
Even in case of programs like WhatsApp, Snapchat when search on the browser,
cell phone calls can be tracked using keylogger technology.
3. Employers use the keylogger technology to track the activities of employees.
4. Parents use android keylogger for tracking their children’s activities without
their knowledge.

HOW KEYLOGGERS SPREAD

Keyloggers can be installed when a user clicks on a link or opens an attachment/file from
a phishing mail

Keyloggers can be installed through webpage script. This is done by exploiting a

vulnerable browser and the keylogger is launched when the user visits the malicious
website.

A keylogger can be installed when a user opens a file attached to an email

A keylogger can be installed via a web page script which exploits a browser vulnerability.
The program will automatically be launched when a user visits an infected site

A keylogger can exploit an infected system and is sometimes capable to download and
install other malware to the system.

HOW HACKERS INSTALL A KEYLOGGER

A hacker employs a Trojan virus as a delivery tool to install a keylogger. But way
before one is downloaded onto your system, a hacker will use two different methods
to get it into your computer. And both ways involve your participation.

The first method involves phishing. Phishing is the act of faking an email from a
legitimate company to fish for passwords and credit card numbers. Sometimes,
these emails contain attachments which download programs stealthily into your
computer once you click on them.

For the second method, the hacker researches on his intended victim beforehand in
order to find a weakness in her or his online habits. Let's say a hacker finds out the
victim habitually visits porn sites, the hacker might craft an email with a fake coupon
for a membership into an exclusive erotic website. Since this method targets a
particular fondness of the victim, there's a large chance of success that the he or she
will download the fake attachment, unknowingly installing the keylogger.

SIGNS SHOWING KEYLOGGER IS IN YOUR PHONE

The Battery Is Draining Quickly

When an Android phone battery drains quickly, it’s usually because an app or
software is running in the background. In the case of Android keyloggers, they are
designed to be undetectable and don’t appear as a typical phone app/software
would. So at first, you may not realize a keylogger is spying on you.

Your Phone Is hot

When a phone is working overtime with apps and software programs open, it can
heat up similar to how a computer would. If you’ve closed all of your apps and
programs, and it’s still hot for a while, there’s likely a keylogger on your device.

Received Strange Text Messages

Android keyloggers are often installed via text message. A text will be sent to the
target phone using a strange code or link. If you see texts like these, don’t click on
the link and immediately delete them.

The Phone’s Turning On and Off

Some software or code such as a keylogger invades your phone and affect its
operating system. When this happens, your phone can do some abnormal things
including turning on and off.

Performance Is Slow
As said before, when an app or software is working in the background, it can affect
the phone’s functionality. With this, the phone will operate more slowly. You may be
able to tell this when browsing online or trying to load social media apps.

HOW TO DETECT KEYLOGGER ON ANDROID PHONE

Check Your Phone’s Downloads
An Android keylogger will need to be download to your device in order to work. So,
you’ll be able to see the file in your phone’s Downloads folder. Usually, you can find
this by searching Downloads on your phone, going to your My Files app, or checking
your settings. The keylogger file may be a combination of random characters, and
end in APK.

Use Antivirus Software

Just like with any virus or malware, antivirus software will find a Android keylogger
and quarantine it. The software is effective, fast, and will help protect your
smartphone on a regular basis.

Reset Your Phone

When in doubt, reset your phone. Doing this is the sure way of removing any
Android keylogger or other viruses from your device. Beforehand, make sure your
phone data is backed up, whether using an application or through your cell phone
carrier.

HOW TO PROTECT YOURSELF FROM KEYLOGGERS

Take caution when opening attachments: Keyloggers can be present in files received
through email, chats, P2P networks, text messages or even social networks. If
someone sends you an email out of the cold or the contents of the email are asking
for your personal information, chances are there's a keylogger in there somewhere.

Implement Two Factor Authentication

Strict implementation of Two-factor authentication through one time passwords

would help users protect their sensitive credentials, as one-time password is
momentary and the hackers cannot use the same detected password the next time.

Use of Virtual Keyboard

Virtual Keyboard helps to avoid personal data interception by the hackers. It is a
software used to allow the users to input characters without the actual need for
physical keys.

Use a comprehensive security system:

Install a good Antivirus Product with the latest virus definitions. Comodo takes

antivirus to the next level through its Advanced Endpoint protection(AEP). Comodo
AEP is stoked with artificial intelligence to deliver robust malware detection
mechanisms. It has updated databases of KNOWN GOOD files and KNOWN BAD files
through whitelisting and blacklisting respectively. It also uses containment
technology to isolate the unknown/suspicious files into a separate virtual container
and analyze the files through static and behavioural checks by an online file verdict
system called the Comodo Valkyrie. Comodo AEP also includes VirusScope to
implement algorithm and machine learning based detection. So the protection is
100% with Comodo Advanced Endpoint Protection and keyloggers cannot escape
detection.

CONCLUSION

It is advisable to stay vigilant with a proactive and comprehensive security system

like Comodo Advanced Endpoint Protection to combat against even the most deadly
keylogging activities.