Wednesday, May 1, 2013

Elite Keylogger Detection and Analysis

Elite Keylogger is a kind of malware (from the victim POV) that is sold by a company called WideStep, this company are marketing this product as being "100% undetectable" as you can see in info page:

Invisible to anti-virus software

It’s no secret that anti-virus and anti-spyware applications will constantly try to detect and block even legitimate monitoring applications like Elite Keylogger. Elite Keylogger does a great job hiding its own modules from anti-virus, anti-rootkit and anti-spyware apps. Elite Keylogger ensures it's not detected during regular scans and even after you update your anti-virus software. It implements a number of unique algorithms to stay hidden.
Here i will show you how to detect if this keylogger is installed on the computer and how to access its configuration GUI interface in order to see all of the configuration the attacker has set.

This article targets the latest version (5.0.183) currently being sold by WideStep.