Discover how Advanced Persistent Threat (APT) Actors, such as Sandworm, use keylogging for input capture in victim environments to acquire credentials for new access opportunities within victim environments.
During the 2015 Ukraine Electric Power Attack, Sandworm used keylogging to gather account credentials via a BlackEnergy keylogger plugin. Adversaries log keystrokes to intercept credentials as the user types them to acquire credentials for new access opportunities when other credential dumping techniques fail. In this course, Sandworm: Keylogging Emulation, you’ll discover the many different ways an attacker can capture keystrokes, including Hooking API callbacks, reading raw keystroke data from the hardware buffer, as well as custom scripts.
During the 2015 Ukraine Electric Power Attack, Sandworm used keylogging to gather account credentials via a BlackEnergy keylogger plugin. Adversaries log keystrokes to intercept credentials as the user types them to acquire credentials for new access opportunities when other credential dumping techniques fail. In this course, Sandworm: Keylogging Emulation, you’ll discover the many different ways an attacker can capture keystrokes, including Hooking API callbacks, reading raw keystroke data from the hardware buffer, as well as custom scripts.
