Please pay attention to the date of the last post before posting in a thread. You bumped this year-old thread without adding anything worthwhile to the discussion.
I apologize, I didn't realize the thread was a year old until I posted it. I got here after I removed a keylogger from a friend's system. She has decent computing practices and I was doing some research trying to find the PoC for the keylogger.
It still holds that running the "top" command from terminal can help in finding keyloggers. I also found that the event viewer does a good job of showing you when there is funny business going on. Little Snitch is also a very good tool for keeping an eye out for suspicious traffic to and from your computer.
The only way to get a keylogger on your Mac is to install it yourself, or give someone access to your Mac to install it. There is no Mac OS X malware in the wild that will install a keylogger on a Mac.
I love Apple and though it's not my main computing platform, I have several Apple computers and a ton of stock in that company. I want Apple to be as secure as the next Apple fan. That doesn't mean I have to bury my head in the sand. Have you ever heard of the Pwn2Own competitions? It's been run every year since 2007. The idea is to take over a computer, gain root access, and then install a piece of software on it. It's held over three days. Day one you must take over a fully patched computer with no added plugins, and no user interaction at all. The only caveat is that it be connected to the wireless network. Day 2, the user has to click on a link, and common plugins are installed. Day 3, you can attach a USB drive to the computer. Every year, OSX is the first to fall and in 2009 when there were many more contestants, OSX fell on the first day. OSX has fallen on the first day, every single year after that. Charlie Miller, one of the winners, was able to remotely take over a brand new fully patched MacBook with no user interaction, install a program, and write to the hard drive, in minutes! Windows didn't do much better. iOS is even worse when it comes to security and far behind the other mobile OSes. Ubuntu is always left standing, but I'm not sure if it's because of security, or because of a lack of interest from the hacking community when it comes to attacking Ubuntu machines. They don't include Linux anymore. (Full disclosure: Linux is my main computing platform.)
http://en.wikipedia.org/wiki/Pwn2Own
There are no Mac OS X viruses in the wild. That is a fact. If you care to challenge that, name one. Just one.
No OS is immune to malware, but it's not possible until a Mac OS X virus exists in the wild.
The "marketshare theory" has been debunked countless times. The Mac platform was far more obscure with OS 9 and earlier, yet there were a good number of viruses and other forms of malware that affected Mac OS 9 and earlier. Now that both market share and installed base have grown significantly (approx. 50 million users), the instances of Mac OS X malware have decreased, and there has never been an OS X virus in the wild.
Apple has had their head in the sand regarding security and has done nothing about it until recently with Mountain Lion. OSX is inherently less secure and easier to exploit than most people think. If you don't believe me, just ask Charlie Miller who time after time embarrasses Apple with his zero-day exploits. He contends that Apple and Safari are far easier to exploit than Windows or Linux. He should know because he proves it every year. He found several critical exploits in iOS and Apple responded by taking away his App Store license.
Here is an interview with Charlie Miller about OSX security. You can read it, or you can continue to ignore OSX security like everybody else.
http://www.zdnet.com/blog/security/questions-for-pwn2own-hacker-charlie-miller/2941
Here is another interview:
http://www.forbes.com/forbes/2010/0412/technology-apple-hackers-charlie-miller.html
Another:
http://www.sdtimes.com/blog/post/20...y-and-how-to-handle-the-egg-on-your-face.aspx
One more, the Flashback trojan isn't a virus, but it did manage to infect 600,000 Macs. Why? Because Apple is so smug about security that they didn't patch the Java exploit until weeks after Oracle fixed the hole.
http://en.wikipedia.org/wiki/Flashback_trojan