WinLog

It would appear that an anonymous user has decided to upload the source code of a new keylogger tool free of charge, on a platform online. The keylogger is called WinLog and it is rather basic. However, the fact that the WinLog keylogger is available for free means that we may soon see mass-scale attacks employing this threat from a variety of different ill-minded actors around the world. Sometimes a more highly-skilled cybercriminal would come across a freely available hacking tool like the WinLog and build on the basis of its source code to create a more harmful and complex threat.

Simple but Dangerous

Despite the current variant of the WinLog keylogger being more simplistic, it does not mean that it is not to be considered threatening. On the contrary, the WinLog keylogger can cause great harm if it manages to infiltrate an unprotected system. The keylogger consists of a server and client components - the latter is used on the attacker's computer, while the former is meant to be deployed on the victim's system.

Screen-Capturing Module

The WinLog keylogger functions as intended – it collects the keystrokes of the user. This keylogger is also able to collect and transfer information regarding the window where the victim is entering the data. This allows the attackers to recognize what login credentials belong to which profiles. They also can collect information about the victim, as well as spy on their private conversations. The WinLog keylogger has an additional feature that allows it to take screenshots of the desktop and active windows. All this data is siphoned to the server of the attackers swiftly.

Malware experts are yet to spot the WinLog keylogger in the wild. However, the fact that this threat is available for free publicly means that we will likely see it employed in the near future.