Some Top 100,000 Websites Placing Keylogger to Collect Everything You Type

The majority of the top-ranked 100,000 websites include malicious keyloggers that are designed to capture every single character that you type or enter in forms before submitting, for example while:

  • Signing up for a Newsletter
  • Making a hotel reservation
  • Checking out online

The top 100,000 websites were crawled and analyzed by researchers at the following universities:

  • The University of Lausanne
  • The KU Leuven
  • The Radboud University

The aim of this study is to look at how users might interact with a site while inside the European Union and while inside the USA.

In-depth Analysis

The researchers determined that 1,844 websites recorded the email addresses of EU users without their permission and that 2,950 gathered US users' email addresses without their consent.

During a specific crawl of password leak websites in May 2021, the researchers found 52 instances of third-parties collecting password data before submission, including Yandex from Russia.

In the meantime, the 52 cases reported by the group were all resolved after they were disclosed to those organizations. Some websites use a keystroke-logging feature that records data as it is keyed in.

The trouble is that plenty of websites capture the complete contents of one field as soon as the user clicks on the next.

Here’s what Asuman Senol, a privacy and identity researcher at KU Leuven and one of the study co-authors, stated:

“In some cases, when you click the next field, they collect the previous one, like you click the password field and they collect the email, or you just click anywhere and they collect all the information immediately. We didn’t expect to find thousands of websites; and in the US, the numbers are really high, which is interesting.”

Because of the EU’s General Data Protection Regulation, it has been suggested that the regional differences are caused by European companies being more cautious about tracking users, and possibly integrating with fewer third parties.

During the meeting, the group discovered that Meta Pixel and TikTok Pixel are invisible marketing tracking tools that web-based services incorporate into their websites in order to track consumers across the web and target them with advertisements.

It has been confirmed that 8,438 sites may have been sending US users’ information to Meta (Facebook’s parent company) through “pixels”. For users in Europe, a total of 7,379 sites are likely to be affected.

LeakInspector

You may not be able to fully protect yourself from all collection attempts by simply removing your data from a form before submitting it. That’s why the experts have developed a new add-on for Mozilla Firefox, dubbed “LeakInspector.”

LeakInspector highlights input fields that contain personal data when tracker scripts read (“sniff”) these fields, and it blocks leaky requests.
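To show what a "leaky request" looks like from an auditor's side, the following added example (not LeakInspector's code and not taken from the study) scans a constructed list of captured network events for a typed email address sent to a third-party host before the submit event, whether in plain, percent-encoded, Base64, MD5 or SHA-256 form. The event format, host names and function names are assumptions made for this illustration.

```python
import base64
import hashlib
from urllib.parse import quote, unquote, urlsplit

def encodings(value):
    """Forms in which a typed value may show up inside a request."""
    norm = value.strip().lower().encode()
    return {
        "plain": value,
        "base64": base64.b64encode(value.encode()).decode(),
        "md5": hashlib.md5(norm).hexdigest(),
        "sha256": hashlib.sha256(norm).hexdigest(),
    }

def is_third_party(url, site):
    # Simplification: suffix match on the host; real tooling compares eTLD+1.
    host = urlsplit(url).hostname or ""
    return not (host == site or host.endswith("." + site))

def find_presubmit_leaks(events, typed, site):
    """List (host, field, encoding) for third-party requests that carry a
    typed value and were sent before the form's submit event."""
    submit_at = min((e["t"] for e in events if e["type"] == "submit"),
                    default=float("inf"))
    leaks = []
    for e in events:
        if (e["type"] != "request" or e["t"] >= submit_at
                or not is_third_party(e["url"], site)):
            continue
        raw = e["url"] + "\n" + e.get("body", "")
        haystack = raw + "\n" + unquote(raw)  # also match percent-encoded values
        for field, value in typed.items():
            for label, needle in encodings(value).items():
                if needle in haystack:
                    leaks.append((urlsplit(e["url"]).hostname, field, label))
    return leaks

# Constructed capture: timestamps in ms, hosts under the reserved .example TLD.
EMAIL = "alice@example.com"
EVENTS = [
    {"t": 100, "type": "request", "url": "https://shop.example/check?e=" + quote(EMAIL)},
    {"t": 180, "type": "request", "url": "https://cdn.tracker.example/c?uid=" + hashlib.sha256(EMAIL.encode()).hexdigest()},
    {"t": 220, "type": "request", "url": "https://ads.example/px", "body": "d=" + quote(base64.b64encode(EMAIL.encode()).decode())},
    {"t": 900, "type": "submit"},
    {"t": 950, "type": "request", "url": "https://crm.example/lead?e=" + quote(EMAIL)},
]

if __name__ == "__main__":
    for leak in find_presubmit_leaks(EVENTS, {"email": EMAIL}, "shop.example"):
        print(leak)
```

The first-party validation call and the request sent after the submit event are not reported; only the two third-party requests sent before submission are.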

Technology firms are looking at restricting the use of cookie-based tracking as a means of protecting privacy. There will be a growing reliance on static IDs, such as phone numbers and email addresses by marketers and analysts.

Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.
