Keystroke Logging Increases, Security Firm Says

Hackers are likely to release more than 6000 keylogging programs this year--up 65 percent from the number in 2004--according to Reston, Virginia, security vendor iDefense. Such software illegally records every keystroke pressed on a victim's PC and then transmits the data to the hacker, making it an effective way to snoop out confidential information such as user names and passwords.

Organized cybercrime groups commonly send keyloggers to unsuspecting victims via e-mail, often in combination with spyware, phishing e-mail, or some other type of malicious software, the security company said.

Costs to You

Citing a survey by National Mutual Insurance, iDefense estimates that the average cost of a successful keylogging attack is about $4000 per victim.

But the financial cost is only part of the equation. Keylogging attacks are a major time sink, as well. The National Mutual survey found that victims of this type of fraud spent 81 hours, on average, resolving matters.

In 2000, hackers released just 300 keyloggers, according to iDefense's numbers; and in 2001, the number dropped to 275. The first spike in keylogger programs occurred between 2002 and 2003, when the number rose from 444 to 1230. This year, the total is expected to jump from 3753 in 2004 to just under 6200 by year's end.

iDefense, a unit of VeriSign, sells security intelligence to government and enterprise customers.