prsnl
03-31-2008, 02:52 PM
This is all a hypothetical scenario.
We're going to refer to the person sending the keylogger as "Individual A". We're going to refer to the person that gets the keylogger installed on their system as "Individual B."
If "Individual A" wanted to remotly install a keylogger on "Individual B's" computer to see what websites they are visiting. Not interested in any of their personal information. Although these particular websites are valuable and secretive to the individual.
These individuals aren't related. They don't know each other personally.
According to this keylogger, it's undetectable by anti-virus programs. The keylogger doesn't show up in taskmanager. It installs itself into services.msc but with a different a name. It can be installed remotely. "Individual A" would test the keylogger before sent to "Individual B" to make sure it's installed without any notices, bypasses AV and Spyware programs, and sends data discreetly. "Individual A" is computer savvy in website design, not sure how advanced they are on the programming side or being able to recognize changes in services.msc
"Indivdual A" would contact "Indivdual B" to see if they are interested in a particular software (which is binded with the keylogger) from a public location. "Individual A" doesn't visit this location regularly. Any communication related to any of this will be done from a public location not visited regularly (different IP). If "Individual B" is interested. "Individual A" would send the keylogger from a public location they don't visit regularly. After the keylogger is installed the website data would be collected for about a week or if suffiecent data has been collected quicker. Then the keylogger will be uninstalled from the remote server.
If this is done from a public location that's not visited regularly is there still a possibility of getting caught? The keylogger wouldn't be purchased under "Indivdual A's" name, location or any personal information.
"Individual B" that has the websites does have ***** to pursue this if there was any suspect of a keylogger on their system. If this was pursued how would this be traced? What's the liability? Would they be able to decrypt the exe that was sent?
"Individual A" (person installing the keylogger)- let's say during research when trying to find a keylogger and trying to find a program to bind it with these websites were accessed from a location that "Indidivual A" doesn't want anybody to know about. Nothing was downloaded from these sites, and there wasn't any signing up, they were just browsing. Could this arise as a problem as, this could end up being circumstanstial (spelling?) evidence? Since the remote keylogger software and the binded software could be traced to the owners of the programs. Just from website visits they could pull up IP logs from both websites and see that there is a match. Which would be unlikely by anybody that didn't send the software to "Individual B". If "Individual A" wanted to be as discreet as possible they should find different software to bind with? Visit websites anything related to this from a completely different location. Even if it's just browsing websites? The problem is going to be finding another software to bind it with since this is hard to find software. Maybe if "Individual A" just used a different remote keylogger software then the the IP's wouldn't match with the binded software's website and would that be sufficent?
Another possibility of a trace that came up was when they trace the IP's (proxies don't help since advanced users can trace the original IP), if they go to the actual locations where "Indivdual A" sent the keylogger from? A library has cameras could they pinpoint exactly which computer the keylogger was sent from? This would be done from a personal computer, not using the libraries computer, they would be using the public wifi.
You can't pin point a computers location like that or can you? Cellphones can be traced like that can't they? Or is this going over***rd? Or should the individual go to a coffeeshop where they don't see any cameras? Although there are many more people who access computers from a library and could be anybody? Not as many people visit or use this particular coffeeshops wifi. It would be harder to blend in.
The most important thing that "Individual A" would be worried about is not getting caught. How likely does this sound?
If anybody thinks that "Individual A" is being paranoid is only since these websites to "Individual B" (this is an individual not a company but, the indivudal could be making ***** with these websites). Just to give anybody an idea as to how important it is that "Individual A" doesn't get caught. "Individual A" has heard a story in a different scenario where something similiar happened with some other people (don't know if a keylogger was used) but somehow somebody found out about a person's websites and used their ideas. The person that copied the idea got his house burned down.
We're going to refer to the person sending the keylogger as "Individual A". We're going to refer to the person that gets the keylogger installed on their system as "Individual B."
If "Individual A" wanted to remotly install a keylogger on "Individual B's" computer to see what websites they are visiting. Not interested in any of their personal information. Although these particular websites are valuable and secretive to the individual.
These individuals aren't related. They don't know each other personally.
According to this keylogger, it's undetectable by anti-virus programs. The keylogger doesn't show up in taskmanager. It installs itself into services.msc but with a different a name. It can be installed remotely. "Individual A" would test the keylogger before sent to "Individual B" to make sure it's installed without any notices, bypasses AV and Spyware programs, and sends data discreetly. "Individual A" is computer savvy in website design, not sure how advanced they are on the programming side or being able to recognize changes in services.msc
"Indivdual A" would contact "Indivdual B" to see if they are interested in a particular software (which is binded with the keylogger) from a public location. "Individual A" doesn't visit this location regularly. Any communication related to any of this will be done from a public location not visited regularly (different IP). If "Individual B" is interested. "Individual A" would send the keylogger from a public location they don't visit regularly. After the keylogger is installed the website data would be collected for about a week or if suffiecent data has been collected quicker. Then the keylogger will be uninstalled from the remote server.
If this is done from a public location that's not visited regularly is there still a possibility of getting caught? The keylogger wouldn't be purchased under "Indivdual A's" name, location or any personal information.
"Individual B" that has the websites does have ***** to pursue this if there was any suspect of a keylogger on their system. If this was pursued how would this be traced? What's the liability? Would they be able to decrypt the exe that was sent?
"Individual A" (person installing the keylogger)- let's say during research when trying to find a keylogger and trying to find a program to bind it with these websites were accessed from a location that "Indidivual A" doesn't want anybody to know about. Nothing was downloaded from these sites, and there wasn't any signing up, they were just browsing. Could this arise as a problem as, this could end up being circumstanstial (spelling?) evidence? Since the remote keylogger software and the binded software could be traced to the owners of the programs. Just from website visits they could pull up IP logs from both websites and see that there is a match. Which would be unlikely by anybody that didn't send the software to "Individual B". If "Individual A" wanted to be as discreet as possible they should find different software to bind with? Visit websites anything related to this from a completely different location. Even if it's just browsing websites? The problem is going to be finding another software to bind it with since this is hard to find software. Maybe if "Individual A" just used a different remote keylogger software then the the IP's wouldn't match with the binded software's website and would that be sufficent?
Another possibility of a trace that came up was when they trace the IP's (proxies don't help since advanced users can trace the original IP), if they go to the actual locations where "Indivdual A" sent the keylogger from? A library has cameras could they pinpoint exactly which computer the keylogger was sent from? This would be done from a personal computer, not using the libraries computer, they would be using the public wifi.
You can't pin point a computers location like that or can you? Cellphones can be traced like that can't they? Or is this going over***rd? Or should the individual go to a coffeeshop where they don't see any cameras? Although there are many more people who access computers from a library and could be anybody? Not as many people visit or use this particular coffeeshops wifi. It would be harder to blend in.
The most important thing that "Individual A" would be worried about is not getting caught. How likely does this sound?
If anybody thinks that "Individual A" is being paranoid is only since these websites to "Individual B" (this is an individual not a company but, the indivudal could be making ***** with these websites). Just to give anybody an idea as to how important it is that "Individual A" doesn't get caught. "Individual A" has heard a story in a different scenario where something similiar happened with some other people (don't know if a keylogger was used) but somehow somebody found out about a person's websites and used their ideas. The person that copied the idea got his house burned down.