Saturday, July 20, 2024

Some Top 100,000 Websites Placing Keylogger to Collect Everything You Type

The majority of top-ranked websites (100,000 websites) include malicious keyloggers that are designed to capture every single character that you type or enter in forms before submitting like:-

  • Signing up for a Newsletter
  • Making a hotel reservation
  • Checking out online

The top 100,000 websites were crawled and analyzed by researchers at the following universities:-

  • The University of Lausanne
  • The KU Leuven
  • The Radboud University

The aim of this study is to look at how users might interact with a site while inside the European Union and while inside the USA.

In-depth Analysis

The researchers determined that there were 1,844 websites that recorded the email of EU users without their permission and that 2,950 of these gathered a US user’s email address without their consent.

During a specific crawl of password leak websites in May 2021, the researchers found 52 instances of third-parties collecting password data before submission, including Yandex from Russia.

In the meantime, the 52 cases reported by the group were all resolved after they were disclosed to those organizations. A keystroke feature in some websites is used to log the data from keystrokes as they are keyed in. 

The trouble with this is that there are plenty of websites that get the complete submission from one field when the user clicks on the next.

Here’s what a privacy and identity researcher at KU Leuven and one of the study co-authors, Asuman Senol stated:-

“In some cases, when you click the next field, they collect the previous one, like you click the password field and they collect the email, or you just click anywhere and they collect all the information immediately. We didn’t expect to find thousands of websites; and in the US, the numbers are really high, which is interesting.”

Because of the General Data Protection Regulation of the EU, it has been suggested regional differences are caused by European companies being more cautious about tracking users, and even possible integration with fewer third parties.

During the meeting, the group discovered that Meta Pixel and TikTok Pixel are invisible marketing tracking tools that web-based services incorporate into their websites in order to track consumers across the web and target them with advertisements.

While it has been confirmed that 8,438 sites may have been sending information to Meta (Facebook’s parent company) through “pixels” of the US users. Apart from the US, in total, there are 7,379 sites that are likely to be affected by users in Europe.


You may not be able to fully protect yourself from all collection attempts by simply removing your data from a form before submitting it. That’s why a new addon for Mozilla Firefox has been developed by the experts which is dubbed, “LeakInspector.”

LeakInspector highlights input fields that contain personal data when tracker scripts read (“sniff”) these fields and block leaky requests.

Technology firms are looking at restricting the use of cookie-based tracking as a means of protecting privacy. There will be a growing reliance on static IDs, such as phone numbers and email addresses by marketers and analysts.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.


Latest articles

Hackers Claiming Dettol Data Breach: 453,646 users Impacted

A significant data breach has been reported by a threat actor known as 'Hana,'...

CrowdStrike Update Triggers Widespread Windows BSOD Crashes

A recent update from cybersecurity firm CrowdStrike has caused significant disruptions for Windows users,...

Operation Spincaster Disrupts Approval Phishing Technique that Drains Victim’s Wallets

Chainalysis has launched Operation Spincaster, an initiative to disrupt approval phishing scams that have...

Octo Tempest Know for Attacking VMWare ESXi Servers Added RansomHub & Qilin to Its Arsenal

Threat actors often attack VMware ESXi servers since they accommodate many virtual machines, which...

TAG-100 Actors Using Open-Source Tools To Attack Gov & Private Orgs

Hackers exploit open-source tools to execute attacks because they are readily available, well-documented, and...

macOS Users Beware Of Weaponized Meeting App From North Korean Hackers

Meeting apps are often targeted and turned into weapons by hackers as they are...

Hackers Exploiting Legitimate RMM Tools With BugSleep Malware

Since October 2023, MuddyWater, which is an Iranian threat group linked to MOIS, has...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles