My idea of a super smart keylogger, would be a logger that implants itself in the Windows Root Folders. Then it would implant changes in your antivirus software so it would be undetectable. It would also forbid you from installing antivirus software. Then it would monitor your actions looking for applications and the websites you go to and log the username and password. For runescape it would log the java keyboard imputs and look at your mouse clicks when you enter your bank password.

How it Works:
Runescape: The keylogger will have a screenshot at the password login screen for the bank. Then it would match the mouse clicks to the screenshot to figure out the numbers. If you move the window it would retake the screenshot.

Website Login:
For each change you make it will log it. To confirm the username and password. It will take the login screen from the website and ask you again for the username/password addin text in the ode of the site saying you need to confirm your user/pass combo. After that it looks for a match and logs it sending it to server where its port and password always changes.

Application Login:
The system will log your username and password and to confirm it, it will show a popup saying windows/mac/linux 'wants to know: if it wants it to save the username/password' if you click yes it will ask you for it again, and log the match. You can also turn this off in system settings for windows. For mac, you cannot, but this will only occur if the application asks for a nspass window.

Your Computer:
If your computer does not have the processing power to do all this in the background, it will uninstall itself and install a lighter version. Or move processing on the net on a secret server. Before, it does that it will delete some unimportant processes. It will also save all minimized applications and close them, but still show them minimized on the start bar or dock.

There are my ideas for a 'Super Keylogger'. Now I have no intention to make something this complex and I am not interested in stealing peoples information.

But, I find it amazing how no hackers have tried or implemented a keylogger as advanced as this.

Well most hackers aren't sad enough to hack a game like runescape...
Plus it's already easy enough as it is getting people's details via social networking and phishing sites..(including banks details etc...)

As for a malware that hides itself really well there's already rootkits...they're hard enough to detect and remove as it is now.

All the antiviruses are constantly being updated. I'm pretty sure that even the program itself will be updated. Just like windows, if there's a "hole" that needs to be patched up to prevent malware from exploiting them they would be patched ASAP.

Also developing one of these will take too long IMO, and it might not even last for long. Once people know what to look for to identify it there'll be a way for it to be identified + removed more easily.

Oh and the server might be taken down, unless you constantly update it with a new list of servers, which again would not be very practical IMO, unless you are in a large criminal organisation...

Just what I think...

nice idea but it only affects windows nothing almost ever effects mac linux etc.

I agree. It's better to make a lot of lower quality viruses than to make one that's really hard to remove. Implementation is the key when it comes to keyloggers. (getting it on someone's computer without them knowing about it). You could spend years developing the "unremovable virus" but as soon as the anti-virus alerts the victim that a keylogger is on their computer, they aren't going to login to RuneScape or any other website for that matter so what's the point in making it unremoveable?


How long did it take the anti-virus companies to add the "you got pwned in that vid" virus to their definintion files?

You probably already know this, but anti-virus software has a virus definition file that compares viruses code to files on your computer. If a file on your computer matches a virus in its definition file, it deletes it. However, if you can modify the code of the virus, even a little bit, it will be undetectable. You can do that by getting an .exe compressor / encrypter.

Making it impossible to remove would be the hard part. I'm not a programmer so I don't know how to make a keylogger, but polymorphic viruses are the way to go in my opinion. They change their file name every time you start and shutdown your computer. Also, as long as a virus is running in the task manager, it can't be deleted since it's in use so this is what happens:

1. The virus is detected by the virus scanner.
2. The virus scanner can't delete it because it's in use and prompts you to delete when you restart your computer.
3. The virus changes its name on restart so when the virus scanner tries to delete it, the file doesn't exist.
4. Go back to step #1.

It would be worthless anyway considering it's practically impossible to steel anyones items due to the new fair trade system. Good thought process though.

It is possible to open two (or more) windows, all running runescape, in different accounts. That way you are in control of everything. Don't rule out trading so easily.


This is how about 95% of keyloggers work these days.

Also, "Super" key loggers aren't just key loggers.
It's a backdoor trojan that installs malicious files, and then installs itself into system files, and corrupts files (like .dll files) so there is no cure (except for reinstallation of windows files).

He's referring to the fact you can't do unbalanced trades anymore.

It's still possible to do unbalanced trades until early January, and after that you can still steal a RuneScape character with higher Levels than the character you currently have, or you could steal their account as a hate crime.

You honestly think there are no viruses or keyloggers for the Mac or Linux operating systems? Then you've never heard of Leap A for the Mac, or possibly the Alaeda virus for Linux. I can name a lot more if you want me to.

People often discriminate Windows thinking it will get the most viruses/spyware/keyloggers/etc. It is only true IF you like to leave your computer unprotected, or possibly go to "Suspicious" or Phishing sites, or you download "Warez" which could contain those such infections.

im just saying there isnt that many theres a couple i run mine without aintivirus and it run perfectly do that on a windows for a week and you will have so much crap on it.

That is because the Windows operating system is more targeted by Malicious users as its more widely used and more popular than Mac OS X and Linux distributions.

That's very true. If you ever install Linux, they almost insist that you don't use "root" as your every day user account. I don't really see Linux as a more secure OS than Windows. On Windows the default account has admin rights, on Linux you aren't an admin so you can't install viruses on your computer, even if you wanted to. If an OS is used less, it means less viruses will be made for it, but it also means less support (fewer drivers, programs, games, virus scanners, ect).

There are a few reasons why Linux and OSX are "safer" than windows:
Most "newbie" hackers and programmers start on windows. Some will graduate to take their abilities to Linux/OSX, while still targeting Windows. Linux is also very versatile. If you screw up your programming, your OS is safe, because it wont harm your system.
Like stated before, Windows is more widely used than any other operating system in the world. This means it's more open to attacks than others.

The other reason why Linux/OSX are more safer than windows, is because the file formatting used is completely different than Windows. While all the malware, and viruses made effect windows, Other operating systems are on effected by the commands trying to be processed by the malicious files. I'm pretty sure it's hard to find C:\Windows\System32 on a ext3 file system.

Like Allstar said: I've had to face many viruses and hack attempts built for Linux machines. Just because it's less known, doesn't mean that there are no viruses for it. Also, I've heard (Not 100% sure) that there are an increase of viruses targeted at OSX Leopard.

Correct. You can't even install updates without entering your administrative password on Ubuntu.

You haven't seen the Ubuntu community I take it. I've been playing a game made for Windows 98 on my Linux machine for quite some time now. Only thanks to the support and advice from the forums of Ubuntu

It's a start, but it's very small compared to the amount of support for Windows.

Once again, why put resources into something that isn't even closely used as Windows?

For the viruses, think of yourself as a virus creator. You enjoy messing up people's computers. You get a thrill of causing problems. You would rather infect 5000 instead of 50, or instead of 5.

It's just the same with the driver developers. Why create a program that can only help 5 or 50 people when you put your resources to help 5000.

Windows is only attacked more by viruses because it is more widely used. Windows has more support because it is more widely used.

Thats a mis-conception. The architecture of Mac makes it impossible for Viruses to operate without it being noticed. You have root users and user-protection packages that manage possibilities for malicious commands.

Oh, and, Runescape was an example.

However. One well-though virus is better than a handful. The smarter it is the more it can get done. Another ideas is what if the definition files or anti-virus softwares are changed by the virus. So the anti-virus thinks its updated but its not.

Yet im kinda wondering why you post this information?
for your small chat...

its not about whats more widely used..

Mac's dont get viruses because they dont run on intel "apple has its own thing"
However the latest iMacs do run on intel processors, this is why they have
"time warp" AKA "system restore"

I have a macbook intel without "system restore". Also, I have still never got a virus. And, it not exactly the chipset (aka intel). Also, this topic is not about Macs vs Windows on viruses. This was my idea on a super keylogger (aka virus). So your reply is rather one, off topic, and completely pointless.

It's called system restore on Windows, and Time Machine on Macs. That's probably why you don't have it on your Mac.

Yay I know. Time Machine is only on Leopard, I have Tiger.

Do you have virus protection?

Even if you have a different OS, always use antivirus. (You never know )

I think i now how they might make a virus for Linux:
It installs in the filesystem, but to get the user to not see whats happening
it makes pop-ups, then it open the formatting thing--where it formats the filesystem and stuff.
Does this type of virus exist? (or without the pop-ups?)
At our Windows 98 pc we had this type of virus.
It deleted everything from the pc without the shortcuts to make it look like normal.