Warning: Some posts on this platform may contain adult material intended for mature audiences only. Viewer discretion is advised. By clicking ‘Continue’, you confirm that you are 18 years or older and consent to viewing explicit content.
This means that while a keylogger might require admin access to install, any app or script with sufficient permissions could access these plaintext keys.
Malware to capture input would require privilege escalation as well, whereas this just requires being able to run code/copy files.
there is not a simple solution
But there are:
use the system keyring
store unencrypted key in memory in a background process (I.e. DIY keyring)
Essentially, force malware to either copy keystrokes or memory, both of which require admin privileges on most systems.
From the article:
Malware to capture input would require privilege escalation as well, whereas this just requires being able to run code/copy files.
But there are:
Essentially, force malware to either copy keystrokes or memory, both of which require admin privileges on most systems.