Keylogger Attack
The use of software or hardware that records every keystroke on a device to harvest passwords, credit card numbers, and other sensitive input.
Also known as: keystroke logger, keyboard spy
Last reviewed: 10 June 2026
A keylogger silently records all keystrokes typed on an infected or compromised device and transmits them to an attacker. Software keyloggers are typically installed via malware (trojans, infostealers), phishing email attachments, or malicious browser extensions. Hardware keyloggers are physical devices plugged between a keyboard and a computer, used in situations where the attacker has brief physical access.
The recorded data — which includes typed passwords, messages, banking credentials, and card numbers — is periodically sent to a remote attacker. Unlike data breaches that steal stored records, keyloggers capture credentials in real time as the victim types them.
Antivirus and endpoint-detection tools catch most software keyloggers. Using a password manager prevents the need to type passwords; on-screen keyboards offer limited protection against software keyloggers. Inspect keyboard ports on shared computers in hotels or libraries for hardware devices.
Examples
- A keylogger installed via a malicious email attachment sends every password typed on a home computer to an attacker for months.
- A hardware keylogger is found plugged into a library computer, having recorded hundreds of banking passwords.