Malware Security Evasion Techniques: An Original Keylogger Implementation

Abstract

The current study evaluates the malware life cycle and develops a keylogger that can avoid Windows 10 security systems. Therefore, we considered the requirements of the malware in order to create a keylogger. Afterward, we developed a customized and unpublished malware, on which we added as many features as necessary using the Python programming language. At the end of this process, the resulting executable program will execute three main threads responsible for collecting the screenshots, keystrokes, and creating the backdoor in the infected system. Furthermore, we added the required methods to avoid the leading security tools used in Windows environments. Finally, we tested the executable file resulting on different websites as proof of concept in a real scenario. As a result, the keylogger has avoided Windows 10 firewalls, user account control, and the antivirus. Moreover, it gathered a significant amount of confidential information about user behavior, including even the credentials of the users, without noticing them.