Chinese APT Mustang Panda Debuts 4 New Attack Tools
The notorious nation-state-backed threat actor has added two new keyloggers, a lateral movement tool, and an endpoint detection and response (EDR) evasion driver to its arsenal.
Keyloggers record keystrokes to steal passwords, messages, and other sensitive data, making them a serious risk to account security and privacy.
Search across headline titles and summaries.
Background for this topic.
Keylogger is software, firmware, or a physical device that records keyboard input, often covertly, and stores or transmits it to another party. In security reporting, the term usually means an unauthorized surveillance or credential-theft tool, although legitimate monitoring tools can use similar techniques with authorization. Captured text may include passwords, recovery codes, messages, and sensitive business data.
Keyloggers matter because they target the endpoint and input process: malware may be installed through phishing or malicious software, while hardware versions require physical access. They may expose passwords or one-time codes entered on an infected device. Defenses include endpoint monitoring, application control, least privilege, timely patching, and inspection of unfamiliar USB or keyboard hardware. If suspected, isolate the device, preserve evidence, reset credentials from a clean device, revoke sessions or tokens, and assess what information was entered.
Weekly headline count for the current query.
The notorious nation-state-backed threat actor has added two new keyloggers, a lateral movement tool, and an endpoint detection and response (EDR) evasion driver to its arsenal.
Keyloggers have been used for espionage since the days of the typewriter, but today's threats are easier to get and use than ever.