A USB Keylogger for Recording Keystrokes Typed on Any PC
In order not to scare anybody, the hardware keylogger we'll talk about in this case study isn't something hackers use to steal personal information. On the contrary, these devices are used by corporations to protect their data. Managers install keyloggers to monitor employee activity and provide a backup of data entered. Keyloggers are especially important for organizations that work with sensitive data and take measures to prevent private information from getting into the wrong hands.
Integra Sources was hired to build a USB keylogger for our client from Poland who wanted to implement this solution for two target markets. One of these markets is business owners who want to protect their corporate data. And the other one is parents who want to monitor their children.
When our client contacted us, they already had a hardware keylogger for PS/2 keyboards and they needed to develop a new device that could capture keystrokes from a USB keyboard.
The services we provided included custom schematics, printed circuit board (PCB) design, firmware development, and software development for the PC configuration utility.
The keylogger is operating system-independent and can be hidden inside a keyboard. It captures every key pressed by a user and stores this information in the text file on the internal NAND-flash. Users can access the text file after pressing a special combination of keys that switch the device into the flash drive mode.
Inside the keylogger, there is a text file (log), a configuration file for setting up the device parameters, and a file for keyboard layouts for controlling the language that the keyboard is set up for. There is also a small internal battery inside, so the time of the keystrokes is kept accurate even when the host PC is turned off.
After launching the first version, we continued working on the keylogger for about a year and released several new and different versions of the device. The latest version offers 16MB of internal memory, a timestamp saving feature, a real-time clock, and text encryption.
Scope of work
Hardware development for the keylogger
- Schematics Design
- PCB Design
- Generation files for the manufacturer
- Ordering the components
- PCB manufacturing
- Prototyping assembly
- Hardware testing
- CPLD Device firmware
- MCU firmware
Configuration utility development
Preparing the device for certification
- USB Key Logger is based on AVR MCU AT90USB162 (later ATmega32U2) and EPM3064 CPLD
- CPLD firmware was written on AHDL using MAX+PLUS IDE
- MCU firmware was written in C using AVR Studio IDE
- In critical cases, we used Assembler language for MCU firmware implementation
- EAGLE CAD IDE was used for Schematics and PCB design
- PC software was implemented using Borland Delphi
The USB keylogger was a challenging project. We needed to meet the following requirements:
1. Gather the data without influencing the keyboard’s efficiency.
The keylogger needed to be completely invisible and couldn't affect the computer operations. We basically needed to enable the recording of data without any delays for the user. To solve this challenge we implemented a special hardware solution inside the keylogger.
2. Meet very strict requirements for the device size.
The keylogger is only 57x20x13mm in size. It's very small. We needed to make it possible to fit the required amount of memory into this device. Our first version offered only 2MB of data storage. But as we continued working on subsequent versions, we increased the capacity up to 16MB of internal storage.
3. Enable correct operation when the keyboard is connected via HUB.
The keylogger needed to be able to connect to the keyboard via a USB HUB. The HUB in some cases changes the mode of operation for USB, so our solution needed to handle this scenario as well.
4. Enable future enhancements to the device’s functionality.
After launching the first version of the keylogger, our client intended to enhance it with new features. This meant that the first version of the device needed to be scalable. We enhanced the later versions of the keylogger with the following features:
- An SD card. The internal memory allowed the device to store only 16MB of data. But with the SD card, a keylogger could store several gigabytes of information.
- A real-time clock with a built-in battery. This clock allows for the addition of timestamps to the text logs. When the host PC is turned off, the internal battery allows for keeping the keystrokes accurate.
- Encryption for text files to prevent unwanted access to the information.
The USB keylogger that we built gave a competitive advantage to our client and allowed them to meet their customers’ expectations. They successfully sold the desired number of keyloggers and then sold the idea and the prototype itself to another company.
To use the keylogger, a user needs to plug it between the keyboard and the PC. It works just like a flash drive. The main purpose of the keylogger is to record the data being transmitted by the keyboard. Every single keystroke is stored in the keylogger in a time-stamped text file.
When a user presses a specific key combination on the keyboard, the device switches into a flash drive mode. Users can conveniently browse through the logs and find the information they are looking for.
You might also like...
PBX Communications Device for Preventing Phone Fraud for Senior Citizens
We implemented a hardware design for a telecommunications device that gets installed in the homes of senior citizens and automatically blocks fraudulent calls
Handscape, Capacitive Touch Case for Controlling Smartphone or Tablet from the Back
Handscape is a wireless case attached to the back plate of a smartphone or tablet that lets users see their fingers through this device