Installed directly on the operating system. It is easier to deploy remotely but can be caught by antivirus software.
| Risk Area | Details | |---------------------|-------------------------------------------------------------------------| | Credential theft | Captured usernames/passwords for banking, email, social media. | | Data exfiltration | Private messages, documents, or any typed text. | | Persistence | Could drop a downloader to install more malware (ransomware, RAT). | | Evasion | Flash files can be obfuscated, making static analysis difficult. | | Legacy threat | Old systems still running Flash are vulnerable even if air-gapped. | flash keylogger
A Flash keylogger is a type of keystroke logging tool that was historically delivered via Adobe Flash Player embedded in web browsers. Unlike traditional software keyloggers that run as native OS processes, Flash keyloggers operated within the Flash sandbox, capturing keystrokes made inside a Flash movie or game — and in some cases, across browser inputs due to vulnerabilities. Installed directly on the operating system