Keystroke loggers are categorized under "Adware or PUA". Sophos Anti-Virus for Windows detects on these types of files but presently this is not a detection item for Sophos Anti-Virus for Mac.
The mention of Keystroke loggers here, does that mean commercial keyloggers that you can buy? Many trojans contain keyloggers, but I would assume that they would have their own generic detection?
The mention of Keystroke loggers here, does that mean commercial keyloggers that you can buy? Many trojans contain keyloggers, but I would assume that they would have their own generic detection?
Indeed. Fully malicious keystroke loggers are detected; commercial loggers have a classification that isn't currently handled by Sophos Mac Home AV. Any malware that bundles commercial loggers inside a malicious package will have the malicious package detected, but not the logger.
The software classification the commercial loggers belong to is controlled by the Enterprise Console, which of course doesn't operate with our Home product.
Keystroke loggers capture keystrokes and send the data... somewhere.
As such, if the data is being sent to a parent's account on the same computer/same network, it is being used as parental 'control' -- the parent gets a log of what their child is doing. However, keyloggers are also dropped as part of malicious attacks so that some nefarious individual/group can steal your online banking information / email accounts / online identity / etc.
Can you clarify this for me...if I run Sophos antivirus on a Windows 7 machine, am I protected from a keylogger? I have not installed the firewall. Is it possible for someone to maliciously install a "commercial" keylogger on my computer, which would be allowed to run and steal my bank account information, for example?
Can you clarify this for me...if I run Sophos antivirus on a Windows 7 machine, am I protected from a keylogger? I have not installed the firewall. Is it possible for someone to maliciously install a "commercial" keylogger on my computer, which would be allowed to run and steal my bank account information, for example?
This is really more a question for your Sophos support person, but I'll answer it here.
On Windows 7, Sophos Endpoint Security puts keyloggers in either the "malicious" category (Mal/) if there is no legit use of the keylogger known, or in Application Control if it is a legitimate for-sale product. Anything in Application Control can be enabled/disabled by your administrator (Internet Explorer is also in Application Control, for example).
On Sophos Antivirus for Mac home edition, there is currently no Application Control, so all keyloggers for OS X are generally blocked as either Mal/ or Troj/. Some legitimate programs which could be used for logging are not detected, as they aren't malicious in themselves.
We do detect applications and scripts that attempt to drop/install keyloggers on a system without the user's permission.
I don't think keylogger is spyware. Nowadays, many parents often use keylogging software as parental control to protect their children. As I know that my auntie has used Mac Keylogger for nearly six months to watch out her son's computer usage.
