Hc Stealer Keylogger
This newly released remote keylogger is billed as 100% FUD, with extensive spyware capabilities; it was created only a few days ago, so no antivirus is aware of it yet. The features of this remote keylogger: a built-in icon changer, and the ability to send and receive logs via SMTP with fully customizable options.
I’m not going to ask why you need a keylogger. Just know that installing one on someone else’s system is a great way to get yourself dumped, fired, or prosecuted, depending on your situation. It’s also a great way to really put someone in a world of hurt, should the little utility you’ve downloaded capture keystrokes for you and send them to another source without you or your target’s knowledge.
In other words, slapping a keylogger on a person’s system is a pretty crummy move. I’m going to assume you’re installing this on your system to make sure nobody is breaking in and using it at your home or office. Right?
You can find a bunch of keyloggers for Windows around the web—hardware keyloggers, too. That’s the easy part. The ones I’m featuring in this article have two advantages over the others I’ve checked out: They didn’t trigger Windows Defender when you downloaded or installed them, suggesting that they’re neither a trojan horse nor something easily picked up by another user’s system, and they’re already compiled into an easy-to-use installation program. (If you want to go compile a keylogger from source code or fiddle with Python to get it running, by all means.)
I’ve tested all three of the following keyloggers, and here’s how I’d rank them in order of least to most preferred:
Spyrix Free Keylogger
This app had the least-pleasing UI of all the ones I checked out, and all of its fancy hiding features require you to pay at least $60 for a 12-month license of the professional software (bleh), but it’s a basic keylogger that gets the job done.
Though the app’s icon sits in your Windows task bar—which you can manually remove via Windows’ task bar settings—it otherwise hides itself fairly well, requiring you to hit a key command (defaulting to CTRL + ALT + A) to pull up its main screen. There, you’ll get a fairly comprehensive listing of all the major things that happened on a given system, including what programs launched (and when), and what was inputted into them.
The app also supports a bunch of extras, including screenshots, webcam snapshots, and items copied to the clipboard. Frankly, I feel it’s a bit much, especially since that simple text log is going to get mighty crazy after a week or so of use. You can also seemingly email log files to yourself via Spyrix, but I don’t exactly trust the company to play nice with the data it sends your way. Call me paranoid.
That all said, I didn’t have any issues installing or using Spyrix, and it certainly gets the job done—sort of. When I started typing in a dummy text file, Spyrix had a little trouble registering my initial keystrokes. That probably isn’t a big deal if you have a sea of inputs to wade through, but it was a little less accurate in my (admittedly limited) test.
Revealer Keylogger
The free version of Revealer Keylogger offers a pretty no-fuss way to record that which is typed into a system. Like Spyrix, the app’s icon lives in your task bar for anyone to see if you don’t remove it manually. That said, its primary screen (and settings) also hides behind a keyboard combination—CTRL+ALT+F9, by default.
Revealer Keylogger can also shoot screenshots while it’s running, but I think its text-recording capabilities are all you really need. They’re well-presented and accurate. You can easily see when a person typed into an application, what application it was, and when they made their inputs. If you’re brave, you can even have Revealer Keylogger email this information out to you. I wouldn’t go for that option myself, but I would check out the app’s “Stealth” features in its Settings menu—allowing you to conceal Revealer Keylogger from the Task Manager, within Windows Explorer (or File Manager), and when Windows starts.
StupidKeylogger
What I like most about StupidKeylogger is that it’s virtually impossible for anyone else to find. There’s nothing that sits in your startup menu; no application to remove in “Programs and Features,” and no icons in your task bar to give away the fact that it exists. You’ll need physical access to a system to reap the rewards of what it records, as well as to install it, but that shouldn’t be too tricky, right?
I didn’t take any screenshots of StupidKeylogger because there’s not much to show. You unzip the keylogger’s contents into a system (or flash drive), run the “Infect.bat” app to install it, and go away. When you’re ready to see what it’s done, you return to the system, run “CollectData.bat” to create a log file, and run “RecordDecoder.exe” to decrypt it. Boom—a giant text file of keystrokes and mouse clicks awaits.
Attackers have been observed targeting businesses on a worldwide scale during the last two months with the HawkEye keylogger malware according to a report from IBM X-Force.
As part of the April and May malicious campaigns which focused on business users, attackers used malspam emails to target organizations from numerous industry sectors like 'transportation and logistics, healthcare, import and export, marketing, agriculture, and others.'
'HawkEye is designed to steal information from infected devices, but it can also be used as a loader, leveraging its botnets to fetch other malware into the device as a service for third-party cybercrime actors,' says IBM X-Force's research team.
April and May HawkEye campaigns
The malspam campaigns which disseminate the keylogger are actively targeting business users in an effort to steal both account credentials and sensitive data that could be later put to use as part of account takeover or business email compromise attacks.
During the April and May Hawkeye campaigns, attackers using spam servers located in Estonia disguised the malicious spam emails as messages from Spanish banks or legitimate companies, distributing both HawkEye Reborn v8.0 and HawkEye Reborn v9.0.
While the spam emails used generic greetings, featured poor quality text and content, and did not feature any company logos, 'the spammers managed to spoof the sending address to appear to originate from a large bank's domain.'
The malspam emails come with attachments containing a fake commercial invoice which, once opened by the victim, will drop the HawkEye malware in the background while displaying the commercial invoice image as a distraction.
'Samples we checked reached users in Spain, the US, and the United Arab Emirates for HawkEye Reborn v9. HawkEye v8 focused on targeting users in Spain,' says IBM X-Force's analysis.
To infect the victims with the keylogger/stealer malware, a mshta.exe binary dropped by PhotoViewer when the victim tries to open the fake invoice will use PowerShell to connect to the command-and-control (C2) server and drop additional malware payloads.
The malware gains persistence on the compromised system with the help of an AutoIt script in the form of an executable named gvg.exe which adds itself as an AutoRun entry to the Windows Registry, thus making sure that it will get relaunched automatically after each system restart.
The IBM X-Force researchers also discovered that 'the second line in the script shows a file named AAHEP.txt. That file contains all the necessary instructions concerning the functions and commands related to the actual Hawkeye Keylogger.'
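Detection logic for the chain described above, added here as an example and not taken from the IBM X-Force report: it flags mshta.exe launching PowerShell and an AutoRun value that points into a user-writable directory, then raises severity when both appear on one host. The event layout loosely follows Sysmon process-creation (ID 1) and registry-set (ID 13) fields; the hosts, paths and SID are constructed, and matching on user-writable paths is a generalization beyond the gvg.exe name given on the page.

```python
import ntpath
import re
from collections import defaultdict

# Run/RunOnce values; Sysmon reports HKCU as HKU\<SID>\...
RUN_KEY = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I)
# Assumption: directories a standard user can write to.
USER_WRITABLE = re.compile(r"\\(AppData|Temp|Users\\Public)\\", re.I)

def base(path):
    """Lower-cased file name of a Windows path, outer quotes stripped."""
    return ntpath.basename(path.strip('"')).lower()

def classify(event):
    """Return a finding name for one event, or None if it is not suspicious."""
    if event["id"] == 1:  # process creation
        if base(event["ParentImage"]) == "mshta.exe" and base(event["Image"]) == "powershell.exe":
            return "mshta_spawned_powershell"
    elif event["id"] == 13:  # registry value set
        if RUN_KEY.search(event["TargetObject"]) and USER_WRITABLE.search(event["Details"]):
            return "autorun_from_user_writable_path"
    return None

def triage(events):
    """Group findings per host; both stages on one host match the reported chain."""
    findings = defaultdict(set)
    for ev in events:
        name = classify(ev)
        if name:
            findings[ev["host"]].add(name)
    return {h: ("high" if len(f) == 2 else "medium", sorted(f)) for h, f in findings.items()}

# Constructed sample events for illustration only.
SAMPLE = [
    {"host": "WS-01", "id": 1, "ParentImage": r"C:\Users\alice\AppData\Local\Temp\mshta.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
    {"host": "WS-01", "id": 13,
     "TargetObject": r"HKU\S-1-5-21-1111\Software\Microsoft\Windows\CurrentVersion\Run\gvg",
     "Details": r"C:\Users\alice\AppData\Roaming\gvg.exe"},
    {"host": "WS-02", "id": 1, "ParentImage": r"C:\Windows\System32\mshta.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
    {"host": "WS-03", "id": 1, "ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
    {"host": "WS-03", "id": 13,
     "TargetObject": r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "Details": r'"C:\Program Files\Vendor\updater.exe"'},
]

if __name__ == "__main__":
    for host, (severity, names) in sorted(triage(SAMPLE).items()):
        print(host, severity, ", ".join(names))
```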
HawkEye-powered malspam campaigns
When looking into the list of indicators of compromise for the April and May 2019 campaigns, the X-Force researchers found another malspam campaign, launched from a server in Turkey 'between February 11, 2019 and March 3, 2019' but with an IP address from the same class C network.
This, coupled with the fact that both campaigns feature very similar attack patterns, with emails dropping malware payloads disguised as commercial invoices which would infect the targets with an info-stealing Trojan, led the X-Force researchers to think that they are operated by the same threat actor.
Other malspam campaigns disseminating the Hawkeye keylogger were also detected by Cisco Talos during April, as well as My Online Security during May, with the latter noticing that the data was either exfiltrated to the servers of another keylogger named Spytector or that the attackers were using a compromised Spytector email to collect the stolen data.
The HawkEye Reborn v9 malware kit
The HawkEye keylogger and information stealer malware kit has been in development since about 2013, with a multitude of new features and modules added by its developers throughout the years to boost its monitoring and data theft capabilities.
Hawkeye is being sold by its development team on dark web markets and hacking forums, and it is currently being distributed through resellers after it changed owners in December 2018.
HawkEye Reborn v9, the latest version of the malware kit, can collect information from various applications which it then ships to its operators via protocols such as FTP, HTTP, and SMTP.
'Recent changes in both the ownership and development efforts of the HawkEye Reborn keylogger/stealer demonstrate that this is a threat that will continue to experience ongoing development and improvement moving forward,' said Cisco Talos' research team in its analysis of the HawkEye Reborn v9 keylogger/stealer malware.
'HawkEye has been active across the threat landscape for a long time and will likely continue to be leveraged in the future as long as the developer of this kit can monetize their efforts.'