Susuto

Moving the buttons around only works if the onclick event makes its way to the virtual keyboard before the logger. Which is implausible given that the logger is running somewhere within your OS, whereas the virtual keyboard lives in your web browser. That logger’s taken the screenshot before your virtual keyboard knows anything about it.

Stuff like that is designed as a workaround for a logger that logs the coordinates of the clicks without taking the screenshot. The fun thing about security through obscurity is that the attacker will always come up with a more convoluted way around your convoluted system, and the user is the one who suffers. A randomized keyboard is a usabiliy nightmare with no real security benefit.