Products
Personal Monitor
Record PC users's actions, grab screenshots and passwords
Keylogger
Keystrokes recording software. Keylogger free trial
Hoverwatch
Cell phone and computer spy
Employee Monitor
Access and control the time spent by your workers
Terminal Monitor
Track employee activities on Terminal Server
Free Keylogger
Free keyboard logger keeps track of all typed text

The Smart Watch as a Hardware Keylogger

25 January 2016

French college student Tony Beltramelli has e-published his scientific research on the use of so-called “smart watches” and special algorithms to track the users of these watches.

The topic of the paper (and this fundamentally new approach to hacking attacks) involves the interception and deep analysis of data from the accelerometer of a worn device. In this case the device in question is a smart watch (the Samsung Gear Live, for example) or fitness bracelet. These devices are worn on the wrist, which makes it possible to intercept data the user has typed in with this wrist on any physical or touch keyboard.

This specific study is dedicated to a method for intercepting keypresses on a standard 12-key numerical keypad such as those used at ATMs or for entering PIN codes in mobile applications.

The data from the accelormeter is collected by the worn device, then transmitted via Bluetooth to a nearby smartphone, and then from the phone to a server via GPRS/LTE. On the server the data is processed using a special algorithm in Java, Python, and Lua that imitates a neural network.

The algorithm cancels out noise, looks for signs of a PIN code being entered, and decodes it with a reliability of 59-73%. After processing by a neural net the reliability of the decoding process is significantly increased (up to 92%).

The developer has posted outgoing codes from this process on GitHub and video demonstrations of the process on YouTube.

The only thing that remains unclear is why anyone would enter a PIN code with the same they use for their watch. Watches are usually worn on the left hand, but most right-handed people enter their codes with their right hand.

TOP 5 spyware scandals

3 December 2014

1. A built-in keylogger in Windows 10.

1-windowsMicrosoft has confirmed that Windows 10 Developer Preview contains an integrated keylogger that captures everything that users type on their keyboards and sends these logs to the corporation.

Moreover, even voice commands and dictation results are logged in the same way.

The company explained that the collection of this information helps improve the operating system’s word autocompletion feature and the build-in spellchecker.

Particular concerns among some users were raised by the fact that the license agreement (terms and conditions of the Insider Program) states that the user agrees with the disclosure of keyboard logs both to Microsoft and undefined third parties.

2. Keyloggers found in new Samsung laptops.

2-samsungResearchers have found a software keylogger installed on Samsung laptops purchased online.

The program discreetly collected information about key presses, made screenshots and sent them to an unidentified recipient.

An anonymous consultant explained that the purpose of installing this spyware was the collection of data for improving future device control features.

Although Samsung has initiated a lengthy internal investigation, it has not officially admitted its role in this scandal and voiced an assumption that the programs had been installed by store employees.

3. A scandal around the Carrier IQ app installed on 140 million phones.

3-phoneAn app called Carrier IQ was found on a huge number of devices from all major manufacturers, from Apple and Google to Nokia and HTC.

Its official purpose was the collection of phone parameters and general usage details. However, the researchers have found out that the program is also capable of accessing multiple types of users’ data, such as the lists of visited websites and sent text messages.

Apple completely removed the application only in the latest version of iOS. Other manufacturers explained the presence of the program on their devices by a mistake made by wireless service providers during phone localization.

4. Spying computers available for purchase by installments.

Several chains of stores were offering an installment plan for computers with a program called “PC Rental Agent” included in the standard software bundle.

The program was initially intended for monitoring computers sold by installments – that is, computers that still belonged to the stores.
4-shop
However, store employees did not inform customers about the purpose of these programs. They could be used for remotely installing any other software on customers’ systems.

Such software could include tools capable of making screenshots, activating the webcam, recording key presses or locating the system using the nearest Wi-Fi networks.

The investigation revealed multiple cases of abusive behavior by store employees. Some of them were spying on customers for fun, and some of them continued to do so even after the last installment was paid.

The store owners were forced to pay ample compensations to affected customers.

5. Skype – an illusion of privacy.

5-skypeSkype, a popular communications program for text, audio and video chats, has been in the center of spy scandals surprisingly often.

Even before the company was acquired by Microsoft, it was rumored to be a part of “Project Chess”, a secret initiative aimed at making users’ data available to secret agencies.

After Edward Snowden’s revelatory publications, Skype appeared on the list of companies cooperating with PRISM, a monitoring system created by the U.S. National Security Agency.

This information, however, remained a mystery. Which is probably the way it’s supposed to be in spy stories.

 

New online service from Refog. Track any device online. Just install the spy phone. And Information from your phones and computers will reflect in your online Hoverwatch account.

Samsung SmartTV Hacked

13 September 2013

samsung-smarttvMartin Herfurt, a German information security expert, announced a successful attempt to hack a Samsung TV with SmartTV functionality.

The attack was made from a remote computer and aimed at disrupting the broadcast over HbbTV.

The hack became possible thanks to the use of WebKit 1.1 in the TV’s web browser. WebKit 1.1 is known for multiple unfixed vulnerabilities and lack of SSL support.

The expert managed to replace the broadcast with his own footage, enable subtitles and even install a Bitcoin generation on the TV set.

Vulnerability in Samsung and Dell network printers

30 November 2012

Neil Smith, an IT security expert, found a hidden embedded program in Samsung printers that makes it possible to remotely connect to them, change settings and manage printing. This is a real backdoor created by the manufacturer for the convenience of technical support experts.

Apparently, the company never disclosed the existence of such functionality. The same kind of program was found in Dell printers, which can be attributed to their mutual manufacturing contracts.

This backdoor uses a modified version of the SNMP protocol that is not visible in the list of connections and continues to work even if the user disables SNMP in the printer settings.

Since the information has been made public, emergence of working exploits for this vulnerability is just a matter of time. Obviously, these exploits will not try to intercept documents being printed, but will aim to execute arbitrary unauthorized code with administrator rights in an external network. Samsung believes that it will be able to release a patch before hackers find a way to create an exploit.

Preinstalled keylogger on Samsung laptops

31 March 2011

StarLoggerMohamed Hassan, a graduate of Norwich University in Britain with a major in information security and the owner of NetSec Consulting, purchased a Samsung R525 laptop. After a full system scan with anti-spy and anti-virus software, he discovered a commercial keylogger called StarLogger in his С:\Windows\SL folder.

Mohamed analyzed the system and concluded that the keylogger had been installed by the laptop manufacturer.

He exchanged (for another reason) the laptop for a Samsung R540 from another store and found the same spyware preinstalled on it.

StarLogger (developed by Willebois Consulting, prices start from $23) is a commercial keylogger that logs key presses, creates screenshots and sends the collected data by email.

Mohamed contacted Samsung’s technical support service (inquiry #2101163379) and demanded an explanation. The reaction of the support staff gradually changed from complete denial and attempts to blame Microsoft as the supplier of the entire software package to finally admitting that the company intentionally installed such programs to “monitor the performance of customers’ computers and understand how they were used”.

It looks like Samsung collects data about the use of their computers without users’ consent. Don’t forget to check yours.

Three weeks after the incident, Jason Redmond (Manager, Marketing Communications at Samsung Electronics, Samsung) reported that an internal investigation had been started to deal with the situation.

 

New online service from Refog. Track any device online. Just install the free spy apps. And Information from your phones and computers will reflect in your online Hoverwatch account.