Cause key loggers don't track mouse clicks. Lol. Two factor is their best bet.

jsudhams · on June 26, 2016

VIrtual keyboard changes the character location every time it shows so unless u record click for log time or screen record it is difficult

takeda · on June 26, 2016

Malware can still be capable to take screenshot of the screen. If it would log mouse clicks I would imagine it would at least take screenshot if not a video.

underwater · on June 26, 2016

Knowing when to take a screenshot, uploading and storing it, and extracting the password is a lot more work than dumping a text file and grepping for bofa.com.

Retra · on June 26, 2016

Psh, only if you're not also logging keys.

leshow · on June 27, 2016

you just need to take a screenshot when the mouse clicks

okletsgoyayok · on June 28, 2016

Yeah, this is really shitty malware design.

azinman2 · on June 26, 2016

Wow that's a terrible UX -- randomized keyboard every time? Talk about an incentive to NOT login!

TeMPOraL · on June 26, 2016

Does it randomize its DOM elements too?