APPARATUS, SYSTEM, AND METHOD FOR PROTECTING AGAINST KEYLOGGING MALWARE AND ANTI-PHISHING

摘要

An apparatus, system, and method is disclosed for protecting against key logger malware. The protection includes protection form grabbing keylogger malware. In response to detecting a form submission event from a browser associated with a user entering data into a form, confidential data is cleared to prevent it being captured by malware. Additional protection of data inputs, entered at a driver level, may be provided as an additional level of protection against hook based malware operating at a virtual keyboard level or operating system level. Data inputs received at a physical driver level may be protected as they pass through a virtual keyboard level and an operating system level. The projection against malware may be provided as a preventive measure that does not require detection of the key logger malware itself.

主权项

1. A method for preventing software key logging executable by a microprocessor, comprising:
downloading an anti-key logger in response to the initiation of an online access session, the anti-key logger having an associated signature list of sites that target an institution; installing and maintaining the anti-key logger at a most privileged access level for browser events in an Application Programming Interface (API) stack: detecting, by the anti-key logger, a browser form submission initiation call event associated with data inputs entered by a user, wherein the form submission initiation call event is an OnSubmit call event or a BeforeNavigate call event; submitting the data inputs to a designated entity; clearing, by the anti-key logger, confidential data from the data inputs to protect against the threat of key logging mal ware capturing the confidential data; and providing at least one complementary form of malware protection based at least in part on the signature list.