Hardware keyloggers found on library computers

eBook: The DevOps Roadmap for Security - Tips and tools for bridging the security tribe into DevOps. Download →

Public computers are usually not the best way to check your banking accounts, do online reservations or shopping. But, for people who don’t have access to a computer at home or at work, they are the only way to do such things.

Unfortunately for them, every now and then, criminals also try to use them as methods of collecting credentials and stealing money from compromised accounts.

The latest example of this scheme has happened in two Manchester libraries, where the staff has noticed hardware keyloggers that look like ordinary USB sticks plugged into the keyboard of the computers available to the library users.

Two keyloggers have been confiscated at the Wilmslow and Handforth libraries each, but unfortunately a third one at the Wilmslow library had been removed – likely by the same people that put them there – before the police managed to arrive at the scene.

The Manchester Evening News reports that an investigation is ongoing and that it is still unknown for how long the devices were plugged into the back of the computers. The devices are not technically illegal, but they are often used for perpetrating fraud.

The libraries’ staff has been instructed to be more vigilant in the future, and instructed to plug the keyboards in the front part of the machine, so that if anyone repeats the offense, the fact will be discovered more quickly – possibly by the computer users themselves.