CAPEC-568
Capture Credentials via Keylogger
Description
An adversary deploys a keylogger in an effort to obtain credentials directly from a system's user. After capturing all the keystrokes made by a user, the adversary can analyze the data and determine which string are likely to be passwords or other credential related information.
Prerequisites
The ability to install the keylogger, either in person or remote.
Mitigations
Strong physical security can help reduce the ability of an adversary to install a keylogger.