Keylogger: logs upload methods, are they "secure"?

Hi, what are “logical” ways that a keylogger could adopt to transfer logs from an infected person’s PC to another (from which the attacker can recover them)? I believe that leaving email or FTP credentials hard-coded is not a good idea, am I wrong? And yet most of the keyloggers I’ve seen act this way. Why?
What can be better methods? I suppose that encrypting logs with a GPG key and using only encrypted communications are good starting points.
Passing traffic under Tor would be perfect (I suppose), but I’ve never tried to implement such a thing and I don’t know how good it can be for a keylogger.

1 Like

No, it’s not a good idea to hard-code email or FTP creds. What you’re thinking is more about reverse engineering and in such cases you have to use some kinda navigations information to exfil the data.
Another way can be exfil using USB (i.e. your code detects a USB with a specific name and exfils) but it will require physical access, or you could make the data spill over the internet somewhere and then reach out.

1 Like

A way to pass logs in security could be using the Telegram bot API.

Interesting question but I don’t think you can realistically detach yourself from the keylogger. There will always be a trace to you, you could make it unrealistic for anyone to track you but it’s way easier to find you through bad OPSEC on your part.

If I were to answer the question if it was theoretically possible, then yes, it is possible. The biggest problem is law enforcement following the money straight to you. Law enforcement will be made out to be the enemy in this post as what you are trying to do is illegal and law enforcement will pose the biggest risk to this operation.

Remember that I’m just giving a theoretical answer because it’s an interesting question. Law enforcement is here to protect us and doing illegal stuff will get you in trouble. Stay on the white side of hacking.

You’d need an untraceable way to get cryptocurrency or any other form of payment. You could do this by selling your services and getting paid through a unique identity you made up. This way you could get crypto or PayPal currency to pay for a webhost. Sell services like hacking / programming / selling art / …

You can’t just start buying crypto with your real identity. Mining is an option but then again, forensics looks for patterns and you buying a whole bunch of mining equipment is a red flag. And then your mining machine is still linked to your wallet, so you’d need full disk encryption and a way to shut down the machine when law enforcement raids your house.

The webhost also needs to not ask too many questions, otherwise they’d just disable your account and you don’t want that to happen.

Your online anonymous identity should never be linked to your real identity or in any way to you. The best way to do this is to get a Tails USB and encrypt your storage to generate PGP keys and have a password manager on there. Use unique passwords for your other identity and make them strong so law enforcement couldn’t possibly crack them.

Once all that is set you’d need a way to deploy your keylogger without it being able to get traced back to you, and you’d need to keep paying for your server and thus keep doing odd jobs on your anonymous identity that you can never link back to your real identity.

As you can see, it’s pretty much near impossible to achieve perfect anonymity and I probably still have OPSEC problems within this theoretical solution that I just don’t know of.

But in reality, if law enforcement wants to find you they will. You just need to make sure you are not worth the hassle. Nothing on the internet goes away and there will always be traces that you forget about.

1 Like
