Dear leedavi,
When you have a keylogger on the client (PC), it sends every keyboard stroke over the internet also to the freelance black hat hackers, simultaneously and paralell to the intended SSL website like Paypal, every thing you type in is send, kind of bypassing, does not mater whether SSL website or not, its on the beginning of the pipe line.
That's what I call man-on-client (versus man-in-the-middle)
When you have a keylogger on the client (PC), it sends every keyboard stroke over the internet also to the freelance black hat hackers, simultaneously and paralell to the intended SSL website like Paypal, every thing you type in is send, kind of bypassing, does not mater whether SSL website or not, its on the beginning of the pipe line.
That's what I call man-on-client (versus man-in-the-middle)