14 DAY TRIAL // Staff from public libraries in Ceshire have been advised to routinely check their computers for USB-based hardware keyloggers afters two such devices were found.
The keyloggers resemble memory sticks, but have both USB male and female plugs and go between a computer's USB port and the keyboard.
Because all signals sent from the keyboard to the computer pass through them, they can be recorded.
There are models which rely solely on their local storage capability and need to be emptied by the attacker routinely, and models that can be configured for a wireless connection and send the captured information via email.
Workers at public libraries in Wilmslow and Handforth found two such devices attached to public computers there and handed them over to the Cheshire police’s hi-tech crime unit.
Details about them were not released. A third one was spotted but disappeared until the staff obtained permission to remove it.
"We take this matter very seriously indeed and are now awaiting police reports on their findings. The vigilance and swift actions of our staff is to be commended but we will not be complacent," spokesperson Coun Andrew Knowles told the Wilmslow Express.
"We will take all practical steps necessary to protect people's privacy and personal details and I urge the public to help us by being vigilant and sensible when using public computers at all times," he added.
There are serious concerns that sensitive information has been stolen, and not just email and Facebook passwords, but also possibly online banking credentials, Amazon and PayPal account details and so on, which people might have used to order books while at the library.
The problem is that there aren't just USB models, but also ones that mimic all sorts of adapters, including USB to PS2 and video loggers that act as DVI, VGA or HDMI extensions. There is even one which is supposed to be installed inside the keyboard itself, making it impossible to spot.