Wow, what a disaster computer. Hm, when you type, there seems to be a slight delay before some of the characters show up. What’s going on?
Oh no! It looks like your client may be in deeper trouble — they may have downloaded spyware as well. Spyware is malicious code downloaded without a user’s authorization which is used to steal sensitive information and relay it to an outside party in a way that harms the original user. If the spyware contained a keylogger, a program that can record what a victim types into their computer, a threat actor could potentially gain access to sensitive information.
This means any sensitive data, like passwords, will soon be in the hands of a malicious third-party. While spyware usually isn’t used to alter data, it definitely violates the principle of confidentiality. A malicious actor may have been spying on sensitive data your client was typing.
Your Suggestion
- Noticing a trend? Be careful what you click on and install that trustworthy antivirus already!
Instructions
Let’s run the app and test out your spyware!
- Type
node app.js
into the terminal and press the Enter or return key on your keyboard to start your keylogger app.
Press the circular arrow button on the right side of the screen to load the webpage.
Now, try typing in a fake username and password. What prints to the terminal when you type in the password field?
Hint: Not working? Make sure you don’t have this exercise open in any other tabs! Then, refresh this page and try again.