Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 14 subscribers
  • Views 2641 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Does InterceptX protect enduser from JavaScript Keylogger

Mike__

Hi,

InterceptX can detect installed Keylogger by signature or behavior but what happen with rogue website loading a Keylogger using JavaScript?

Otherwise, what are the alternate protection layer we could add?

Thanks for your feedback!



This thread was automatically locked due to age.
Parents
  • 0

    Hi Milkyway Mike, 

    Your question is perfectly valid however "website loading a Keylogger using JavaScript" would be a broad statement. Would you have a specific example, sample website/code?

    Thanks,

    Vikas

  • 0 in reply to Vikas

    Hi Vikas,

    Thanks for your feedback.

    Forgive my curiosity and ignorance on the topic, but my question was triggered by this nice thread: https://nakedsecurity.sophos.com/2019/12/28/7-types-of-virus-a-short-glossary-of-contemporary-cyberbadness/, therefore, I was questioning InterceptX efficiency on these kinds of threat.

    QUOTE:

    Importantly, keyloggers don’t always need to be implemented down at the operating system level, and they often don’t need administrative or root powers to hook themselves into the keystroke data stream.

    For example, JavaScript code inside your browser can monitor (and alter, if it wants) the flow of keystrokes as you browse, meaning that rogue JavaScript injected into a login page could, in theory, recognise and steal your usernames and passwords.

Reply
  • 0 in reply to Vikas

    Hi Vikas,

    Thanks for your feedback.

    Forgive my curiosity and ignorance on the topic, but my question was triggered by this nice thread: https://nakedsecurity.sophos.com/2019/12/28/7-types-of-virus-a-short-glossary-of-contemporary-cyberbadness/, therefore, I was questioning InterceptX efficiency on these kinds of threat.

    QUOTE:

    Importantly, keyloggers don’t always need to be implemented down at the operating system level, and they often don’t need administrative or root powers to hook themselves into the keystroke data stream.

    For example, JavaScript code inside your browser can monitor (and alter, if it wants) the flow of keystrokes as you browse, meaning that rogue JavaScript injected into a login page could, in theory, recognise and steal your usernames and passwords.

Children
  • 0 in reply to Mike__

    Hi  

    Intercept X can detect most keyloggers from its machine learning algorithm. However, I would suggest if you have any sample website/code, you can submit the samples/files to Sophos Labs for review. 

    Shweta

    Community Support Engineer | Sophos Technical Support
    Are you a Sophos Partner? | Product Documentation@SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
    The New Home of Sophos Support Videos! - Visit Sophos Techvids
  • 0 in reply to Mike__

    Hi Mike,

    Thank you for sharing the background and some context which is really useful for me to comment. 

    Intercept X can be considered as our last layer of defense against "very new" piece of unauthorized code, something we intend to catch during run-time. We have many layers of protection before such code can even reach this stage; Deep Learning, Web Protection, Live Protection, HIPS etc.

    Our scenario here is a piece of Malicious JavaScript which might be loaded by a browser to steal credentials. I would not expect Intercept X to intervene because Sophos Anti-Virus would apprehend the malicious Code and would not allow the website to render in the first place. Also, in instances of a legitimate website being compromised, we might even classify the entire URL as Mal/HTMLGen-* hence protecting our users. 

    That being said, if you come across any example code/URL, please feel free to get in touch with us and we'll take a deeper look. 

    Thanks,

    Vikas

Unfiltered HTML