The art of spying: Keyloggers for computers and cellphones

I have seen them used in a variety of situations including parents putting them on home computers to monitor their children’s activities, spouses putting them on each other’s computers when they suspect infidelity, and yes, supervisors putting them on the computers of their workers when they suspect fraud or other types of misbehaviour.

There are two types of keylogging programs for computers. The first is a program that literally captures every key stroke and sends that information via email. This type is good for capturing email and passwords, but it has its limitations. It does not capture the information on the screen that is being viewed. For example, if someone types in their hotmail userid and password and then reads an email without responding to that email and simply closes their session, the content of the email will not be captured. More sophisticated keyloggers will forward a copy of all email sent and/or received on the target computer to overcome this problem.

The other type of keylogger captures every screen image and stores this information on the hard drive. The information can be replayed back, almost like a movie. The only drawback to this method is that physical access to the machine is necessary to collect the information. The latter type is commonly used by a spouse or employer, as there are abundant opportunities for access to the computer.

But what of cellphones? Are there keyloggers or the equivalent for those mobile devices? Now, there are legal issues here and I do not profess to be a lawyer. If you are not clear on what you can or cannot do legally, consultation with legal counsel would be advisable. As this is a new and emerging area, there are many companies that claim to be able to do all kinds of things, many of them are simply not true and are scams. So, if you decide to venture into this area, you have been warned.

---

So what is possible? It’s possible to read the SMS and email messages, view call logs, do secret GPS tracking, and turn your target phone into a listening device. Listening in on live calls is also possible but it has been known to crash or reset the phone, which of course is not a good thing when you are trying to avoid suspicion. In order to install the software, you need to have physical access to the phone for anywhere from 30 to 60 minutes. The phone must also have an Internet connection. Only certain models of phones are supported, so you must ensure that the phone you want to gather information from is on the vendor’s list of models that are supported. Once the software is installed it collects the information that it needs and sends it to a web site.

With the appropriate account credentials, one can then view all of the SMS, email and call logs. In order for this information to be uploaded, the phone must be turned on and it must be in a cell area where it can communicate with the network. Given that these conditions are met, the phone will upload the data as requested. GPS tracking is also available on GPS enabled phones, allowing you to see if the phone, or more specifically the person is where they say they are, or where they are supposed to be. This useful feature cannot be understated when one says, “Honey, I have to go to the office for a few hours” and the phone ends up on the other side of town, if you catch my drift.

There are currently three companies that have established a good reputation for providing cell spy software. They are: Flexispy, Mobile Spy and Mobi Stealth. Interestingly, a company called Spector Soft, a leader in the keylogging industry, has just announced “eBlaster mobile” for Blackberry Smartphones.  It seems that there is enough interest in this emerging market that some of the bigger players are now starting to get in the game. If you suspect your phone has been compromised the safest bet is to reset the phone to its factory settings and the reload your contact information. There a couple of ways to detect if a spyware has been installed on your phone, but I will save that for future columns.

Marty Musters is the Director of Forensics for NCI and can be reached at 905-607-9777 Ext 244 or mmusters@nci.ca