Keyscrambler - Encrypt your Keystrokes

[+Warwagon MVC]

Keyscrambler - Protect your personal information from keyloggers

http://www.qfxsoftware.com/

Give keyloggers the finger.

"There is a 1 in a 1,000,000 (or more) chance that today you will be shot with a gun. Wouldn't it be great to be wearing a Kevlar vest on THAT day??"

Today I'm going to review a nifty little program called "Keyscrambler". I remembered hearing about this application a while ago and I even tried it out. Today someone referenced it in a "Keylogger Remover" thread. He was recommending it as a preemptive measure for 'next time'. That got my interest sparked again so I looked into it. I ended up buying the Premium Version. This may have been an impulse buy, but it's one of those applications that it will never hurts to have.

As you all know a keylogger is an application that runs on your system for the sole purpose of capturing all the keystrokes the user inputs (or inputs via other means) into the computer.

It's thru these types of applications that the hackers are able to steal confidential information when it is entered into a the web browser (other than phishing sites of course).

Most of the time, an Anti-virus and/or Anti-malware application will detect and remove a keylogger from a computer, but it just has to miss one once. I know that most of us think that we will never fall victim to a keylogger. We would have to be stupid, right? I think we are all smart enough not to fall for a fake antivirus ad, BUT what about a vulnerability via a 3rd party browser add-on? It could happen. Enter now the Keyscrambler.

Keyscrambler works at the keyboard driver level of the kernel (or as low as Microsoft will let it work on 64bit Windows). There is a 32bit and 64bit version. I'm running it on Windows 7 - 64bit without issue. As you start typing on the keyboard, the data gets encrypted. The entire path is encrypted, from the moment a key is pressed on the keyboard, until it reaches the box it was intended for. Once it reaches the intended location, the information is then decrypted.

A keylogger running on the system between the keyboard and the destination will just see encrypted gibberish. (Example of FL:KJERERLEJR:F)

Keyscrambler supports a plethora of applications. It has to support the application before it can encrypt the data entered into it. I found that it supports every web browser imaginable as well as all the popular email clients, IM messengers, accounting software, office software and more. Certain things that it does not encrypt would be something like the run box, but how often are you really entering your credit card information into the Windows run box?

As you type into a supported application a long green box appears in the corner of the screen. It shows you the encrypted output of what you are typing. If you prefer not to use the green bar, you can use a tray icon instead.

There are 3 versions of the application.

First, there is the Free Version. It supports IE and Firefox, Flock and that's it. If you use any other web browser you are out of luck.

Next is the Pro Version $29.99 - This supports IE and Firefox as well as all the other web browsers. It also supports Email clients, IM/ VoIP, Password Managers (including but not limited to Roboform), Zip applications, Text Editors, Music apps and Online games.

Finally we have the Premium Version $44.99. This one supports everything mentioned above. It also supports a few additional type of applications. Office, Finance, Tax, Accounting (Like QuickBooks), Networking, Encryption, File Managers and Windows log-in. A complete run down of the applications covered by the assorted versions is available on the company's website.

There is no monthly fee and its just a 1 time fee with free lifetime updates. Once you install the program you use your email address and your Product Key to show you bought the application. It does require the internet to validate. Though it doesn't look like it does any sort of activation. It just makes sure that the Product Key matches the email address.

To check out the functionality, I installed an antikeylogger tester. I had it test how well keyscrambler protected against a low level keyboard hook. I told it to record and started entering my login name and password into the Neowin.net sign in page via Firfox. Once I was finished I checked the antikeylogger tester and all I saw was gibberish, Hooray!!

That's really all there is to say about this application. There aren't a lot of features. All it does is encrypt data entered into the computer so that keyloggers can't see it.

A video showing how keyscrambler does against a low-kernal mode keylogger.

For best results watch this video in HD

Edited November 17, 2009 by warwagon

[Raa]

Very nifty! A bit costly though, but if your data is that precious, I guess it's a priceless investment?

[+Mystic MVC]

Thanks, the free version would be a great thing to have handy for online banking.

[Zarpraz]

Good idea if it really does what it says, however the prices for the pro/premium versions are way too high. I would have said $9.99 for pro and it should work with all apps including Office etc. No way would I pay $45, and can't imagine many others doing so.

Just looked at their site and it's $12.99 to upgrade pro to premium, so it's cheaper to buy pro + the upgrade than premium, whacky pricing!

Remember if you use Roboform then there are no key presses to log, I assume that would be true for the other password managers.

Edited October 20, 2009 by m.keeley

[Subject Delta]

Pretty stupid that you have to pay just to use it in other browsers, I am sick of everyone assuming that the entire world either uses IE, or Firefox (flock is a pretty strange choice given that its market share is even lower than Opera's). Also, a good idea, but I think the price is overkill given that being hijacked by keyloggers is pretty rare nowadays where most details are stolen through phishing.

[svnO.o]

Pretty stupid that you have to pay just to use it in other browsers, I am sick of everyone assuming that the entire world either uses IE, or Firefox (flock is a pretty strange choice given that its market share is even lower than Opera's). Also, a good idea, but I think the price is overkill given that being hijacked by keyloggers is pretty rare nowadays where most details are stolen through phishing.

Agreed. Will I ever use it? Doubtful. But cool product nonetheless.

[+Xinok Subscriber²]

If you use IE or Firefox, then it doesn't hurt to have the freeware version. It doesn't run any background processes, and you can configure it to show a tray icon instead of the annoying green bar.

[AudioDope]

Don't assume this is "a step ahead" of the bad guys.

A lot of keyloggers that are developed take this into consideration and are Anti-Keyscrambler and other stuff!

Might work against the older stuff (that newbies use)

:) No problem.

[Tristan]

Man...this is for paranoid people.

[+Warwagon MVC]

Don't assume this is "a step ahead" of the bad guys.

A lot of keyloggers that are developed take this into consideration and are Anti-Keyscrambler and other stuff!

Might work against the older stuff (that newbies use)

:) No problem.

So which keyloggers do you know of that can get around keyscramblers? Care to give any examples or quote the source of your information?

Edited October 20, 2009 by warwagon

[+Warwagon MVC]

Man...this is for paranoid people.

I know of a certain person that has nearly a million dollars in trade accounts and online banks. If this person uses a program like keyscrambler to protect their investment accounts in the event a keylogger ever got installed, then would you still call them paranoid?

Edited October 20, 2009 by warwagon

[boogerjones]

I know of a certain person that has nearly a million dollars in trade accounts and online banks. If this person used a program like keyscrambler to protect their investment accounts in the event a keylogger ever got installed, would you still call them paranoid?

Yes. A person that worried about it would be using a nonce keyfob or some other form of 2-factor authentication. Furthermore, that person would never be using an untrusted workstation for online banking.

My wife and I have accounts with that much money in them and I wouldn't think about using a bank that allowed those funds to be transferred without some sort of reliable verification. Most of the banks and investment firms I use won't even allow notarized letters for common mail-based communication.

Also, I'd be interested if anyone has seen an analysis of Keyscrambler. What warwagon posted looks a lot like a brochure advertisement to me. Everything you get from a Google search is the same self-serving advertisement. Plus there's no information on how the software actually works (though it probably actually works very similarly to most keyloggers by installing a global hook for the keypress event). Any malware running with admin access could theoretically get your keystrokes, since the destination application must access them as well. All of these are hallmarks of a bogus application that simply gets marketed well.

A keylogger could probably do an API call to GetWindowText and it'd be as simple as that for any targeted application. It would be a trivial matter to search for password fields in browser html and do the same thing with the Windows API.

Edited October 20, 2009 by boogerjones

[boogerjones]

Man...this is for paranoid people.

If there was an open-source anti-keylogger product that had been independently tested for security vulnerabilities, I would happily give my money to its parent company. Untrusted workstations are a significant threat and keyloggers are the easiest way to get private information. Phishing scams only work on old ladies and other people who know nothing about technology.

[Neoauld]

If there was an open-source anti-keylogger product that had been independently tested for security vulnerabilities, I would happily give my money to its parent company. Untrusted workstations are a significant threat and keyloggers are the easiest way to get private information. Phishing scams only work on old ladies and other people who know nothing about technology.

agreed

i use SSH tunnels and stuff to avoid information leakage, this just protects from another type of leakage

[+Xinok Subscriber²]

KeyScrambler will protect you against the majority of keyloggers, but it is far from fool proof.

I think the only way a true keylogger could bypass KeyScrambler is to install a system driver. Even with UAC disabled, Windows should still prompt you before installing an unsigned driver.

But there are far simpler ways to bypass KeyScrambler:

- Install a plugin into the web browser to capture the keystrokes after they're decrypted.

- Or even simpler, just disable the KeyScrambler plugin, though you might notice the green bar is gone.

Heck, if you start IE InPrivate Browsing, it disables all addons including KeyScrambler.

But as I said before, it will protect you against the majority of keyloggers.

[+Warwagon MVC]

Heck, if you start IE InPrivate Browsing, it disables all addons including KeyScrambler.

Incorrect.....sorta

The personal version runs as an extension in IE. The paid versions do not. Same for firefox.

Edited October 20, 2009 by warwagon

[+Warwagon MVC]

Yes. A person that worried about it would be using a nonce keyfob or some other form of 2-factor authentication. Furthermore, that person would never be using an untrusted workstation for online banking.

Define untrusted. The person I was referring to is using their own machine not some random PC at some persons house, they have no control over. By Trusted workstation are you referring to a pc that is just for doing online banking and nothing else?

[thomasfrank09]

This actually looks really cool, especially for the free version. I just might install it.

[Glowstick]

Any keylogger usually runs with admin or system access and can easily bypass this ****ty and useless application.

[_V_]

So which keyloggers do you know of that can get around keyscramblers? Care to give any examples or quote the source of your information?

These fancy "key scramblers" indeed work against two types of key-loggers:

- those using passive methods for recording keystrokes (making use of API like GetAsyncKeyState() or GetForegroundWindow()... ).

- and also those hooking API function calls (thus intercepting keyboard events).

However, none of those fancy scramblers stand a chance against two types of widely known and used key-loggers:

- Those implemented as part of a kernel-level rootkit. They act as the keyboard driver, and have low level access to the hardware itself.

- those implemented in a malware hypervisor. Those have more privileges than the OS Kernel itself.

All in all, those so called keyscramblers would have done a very good job 10 years ago, not now.

[+Warwagon MVC]

Well I thought I would test it

I downloaded keyscrambler premium in a vm along with Elite Keylogger

http://www.widestep.com/

Elite Keylogger works in low-kernel mode as a driver-based monitoring software recording every detail of PC and Internet activity. It is the optimum solution for homes, families, small and middle offices, as well as big companies with the need to monitor hundreds of employees. Elite Keylogger is driver mode low kernel Keylogger.

It did not record anything I was typing when I used key scrambler. Once I turned off keyscammbler it recorded just fine. So that is one example of keyscrammbler defeating a low kernal mode driver based keylogger.

[Eric Veteran]

Web of Trust is saying that widestep.com is very untrustworthy. Are you sure you didn't actually install a keylogger instead of a keylogger prevention? :)

EDIT: Durr... widestep is where you did get the keylogger from. :)

[+Warwagon MVC]

Web of Trust is saying that widestep.com is very untrustworthy. Are you sure you didn't actually install a keylogger instead of a keylogger prevention? :)

EDIT: Durr... widestep is where you did get the keylogger from. :)

Yep if you read some of the comments on the score card of WOT it says they make key loggers lol.

Right now i'm in the process of making a video I will put on youtube, just in case someone doesn't believe me.

[+Warwagon MVC]

Ok here is the video. As i'm posting this yotuube is still improving the quality of the video. So by the time you read this it will probably be HD.

THis video is of the test I mentioned above.

Well I thought I would test it

I downloaded keyscrambler premium in a vm along with Elite Keylogger

http://www.widestep.com/

Quote -

Elite Keylogger works in low-kernel mode as a driver-based monitoring software recording every detail of PC and Internet activity. It is the optimum solution for homes, families, small and middle offices, as well as big companies with the need to monitor hundreds of employees. Elite Keylogger is driver mode low kernel Keylogger.

It did not record anything I was typing when I used key scrambler. Once I turned off keyscammbler it recorded just fine. So that is one example of keyscrammbler defeating a low kernal mode driver based keylogger.

During the video I also accidnetly got tong tied and called keyscramber keylogger.... OOPS!

For best results watch this video in HD