Question about Keylogger viruses and stored Password data

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Question about Keylogger viruses and stored Password data

Daniel-2
I was out with one of my sisters tonight, and, on the way home, she
asked about "Keylogger viruses" ... in particular, if she had saved her
identity and password data for a site (pick a site, any site) so that
when she went to the site, her stuff was auto-filled in, so she could
get to a site, .... and then, after her data had been stored on her
computer, she then got infected by a Keylogger virus, would her identity
and password data be collected by the Keylogger??

At first thought I said "NO", because no keys had been pressed ... but
is it that simple?? Would the keylogger also register that a file had
been accessed to supply the log-in data?? The data didn't come from the
keyboard, but did come from somewhere.
--
Daniel

User agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101
SeaMonkey/2.49.1 Build identifier: 20171016030418

User agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
SeaMonkey/2.49.1 Build identifier: 20171015235623
_______________________________________________
general mailing list
[hidden email]
https://lists.mozilla.org/listinfo/general
Reply | Threaded
Open this post in threaded view
|

Re: Question about Keylogger viruses and stored Password data

Dave Royal
Daniel <[hidden email]> wrote:

> I was out with one of my sisters tonight, and, on the way home, she
> asked about "Keylogger viruses" ... in particular, if she had saved her
> identity and password data for a site (pick a site, any site) so that
> when she went to the site, her stuff was auto-filled in, so she could
> get to a site, .... and then, after her data had been stored on her
> computer, she then got infected by a Keylogger virus, would her identity
> and password data be collected by the Keylogger??
>
> At first thought I said "NO", because no keys had been pressed ... but
> is it that simple?? Would the keylogger also register that a file had
> been accessed to supply the log-in data?? The data didn't come from the
> keyboard, but did come from somewhere.

I think your first thought is correct. If it is a 'classic' keylogger
then it captures keystrokes. It can't monitor data within the browser or
capture clicks on an on-screen keyboard.

But is it 'just' a keylogger? And if she cought that she
might have other malware, so thorough scanning etc. should be done.
--
(Remove numerics from email address)
_______________________________________________
general mailing list
[hidden email]
https://lists.mozilla.org/listinfo/general
Reply | Threaded
Open this post in threaded view
|

Re: Question about Keylogger viruses and stored Password data

Dave Royal
In reply to this post by Daniel-2
 Good Guy  <[hidden email]> wrote:

> [-- text/plain, encoding 7bit, charset: utf-8, 27 lines --]
>
> On 16/08/2018 14:03, Daniel wrote:
>> I was out with one of my sisters tonight, and, on the way home, she
>> asked about "Keylogger viruses" ... in particular, if she had saved
>> her identity and password data for a site (pick a site, any site) so
>> that when she went to the site, her stuff was auto-filled in, so she
>> could get to a site, .... and then, after her data had been stored on
>> her computer, she then got infected by a Keylogger virus, would her
>> identity and password data be collected by the Keylogger??
>>
>> At first thought I said "NO", because no keys had been pressed ... but
>> is it that simple?? Would the keylogger also register that a file had
>> been accessed to supply the log-in data?? The data didn't come from
>> the keyboard, but did come from somewhere.
>
> If the password is stored in SQLite database then the entire database
> is/can be siphoned off and it can be opened using SQLite Manager - an
> Add-On for Firefox.  Mozilla is a sponsor of SQLite Database and  it
> uses it for many things in products.  Once the database is in their
> hands then they can do many things with it.
>
> I never save passwords in browsers;  TB you need to save because of
> accessing eMails many times a day.
>
> [-- text/html, encoding 8bit, charset: utf-8, 46 lines --]

This describes a bit about encryption of saved passwords:
<https://support.mozilla.org/en-US/questions/1210914>

SQLite Manager won't run in Fx 57+ - it's the kind of thing a
webextension addon can no longer do. But you're right that if malware infects Firefox
itself then it could access passwords.

People's level of paranoia varies; I wouldn't use Windows for financial
transactions. Even Windows 10 ;-)0
--
(Remove numerics from email address)
_______________________________________________
general mailing list
[hidden email]
https://lists.mozilla.org/listinfo/general
Reply | Threaded
Open this post in threaded view
|

Re: Question about Keylogger viruses and stored Password data

Dave Royal
?? Good Guy ?? <[hidden email]> Wrote in message:
>     On 16/08/2018 17:24, Dave Royal wrote:
> SQLite Manager won't run in Fx 57+ - it's the kind of thing a
> webextension addon can no longer do.
>    
>     You don't need an extension to read or browse a database.  For
>     SQLite there is another stand-alone tool called SQLite Browser
>     <https://sqlitebrowser.org/> and it can read a database quite
>     easily.
>
You cited an addon. Of course, if an attacker can run a program on
 your device then they have access to all your data. The next
 defence against that is a sandboxed operating system like
 iOS.

It's why I'd do banking on an iPad in preference to a Windows machine.
--
Remove numerics from email address.
_______________________________________________
general mailing list
[hidden email]
https://lists.mozilla.org/listinfo/general