I just got my WoW account hacked, I use a mac for nearly 15 years and I never had trouble with viruses so far. The only way someone could have hacked it is either somehow guess my password or keylogger on mac os x. If there is a keylogger in my computer, how can I detect it on Mac os X?
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Are there keylogger viruses for mac?
- Thread starter iBug2
- Start date
- Sort by reaction score
There ARE such things as keyloggers for Macs.
I'd be more inclinded to think that it was a mod that you use for WoW that did it.
The only way to be sure is to wipe everything and start over, otherwise, there's not likely to be many magic wands to make it go away.
I'd be more inclinded to think that it was a mod that you use for WoW that did it.
The only way to be sure is to wipe everything and start over, otherwise, there's not likely to be many magic wands to make it go away.
I always use the same modifications for a year, I recently didn't add anything new. And I doubt the mods are responsible for this. That's why I'm stunned since I also thought, still think, that there are no keyloggers which get in your mac involuntarily and do this kind of stuff.
Involuntarily? No.. not likely. But there are plenty of keyloggers.
Just because you've used the same mods, doesn't mean that it wasn't harvesting your password all this time. You've never updated them in all this time?
Also.. did you have a really simple password on your WoW account?
Did you use the same username and password for other internet accounts?
Maybe a friend (or enemy) was playing a trick on you?
There's a lot of variables here.
Just because you've used the same mods, doesn't mean that it wasn't harvesting your password all this time. You've never updated them in all this time?
Also.. did you have a really simple password on your WoW account?
Did you use the same username and password for other internet accounts?
Maybe a friend (or enemy) was playing a trick on you?
There's a lot of variables here.
My password was not a simple one at all, I do use a similar one for my email account which is not hacked, none of my friends know my password. And yes I do keep updating those mods but they all come from one single website, like versiontracker.com, they can't put virused software there, or at least I wouldn't expect any viruses from that place.
Mods that log keystrokes etc aren't tech virus's and in fact would be hard to tell from a quick glance unless you know the WoW mod script syntax.
Most of those sights do not regularly check or validate (in other words do a code review) all mods submitted to ensure they aren't doing anything malicious. I'm hesitant of anyone "redoing" a mod that someone else has done to say it was updated for fear that they put some code in there. Make sure you didn't download anything like that. Also the number of downloads would tell you if it's pretty safe or not. Less downloads, probably not a well known mod and would be less inclined to get. I typically got my mods from Curse-gaming or ui.worldofwarcraft as they have good reputation of linking stable/safe mods.
I've googled a little bit on this since my WoW account was hacked via keylogger that was downloaded from mmorpg.com (a lot of people caught this but I was one of the first that got nailed) so I was hesitant of every going to that website let alone via my new iMac and having my account hacked again.
I found this website that might help you: http://mackeyloggerprotection.com/
It talks about Mac Keyloggers specifically. Information is power and a little googling is probably more informative than the usual "there are no virus's for macs" responses most people are willing to dish out.
True this system is safer but being "safer" does not mean "immune."
I feel your pain for getting your account hacked. Good luck to you!
You can install a keylogger yourself on your own computer, if you wish to do so, so you can find out what others type on your computer. Or someone else can install it if they have your administrator password and access to your computer. There are no keylogger viruses on the Macintosh.
The most dangerous things at the moment are small USB devices that can be installed between keyboard and computer and record everything. MacOS X can't protect you because the whole keylogging happens outside the computer. Of course someone would have to physically get at your computer, install the keylogger and pick it up again later. And MacBooks / MacBook Pros are safe as long as you don't use an external keyboard.
My wow account was just hacked too. I use mac for 3 years and this is the first time i got hacked. Maybe someone installed mac keylogger on my mac. Anyone can help me to find out which mac keylogger it is? Is it Aobo Mac OS X Keylogger from aobo software or Spector For mac?
What was the resolution of your case with Blizzard? Did you lose stuff? I wonder if Blizzard has any suggestions about this kind of protection? Some research is warranted.
I assume that when it come to key loggers, changing your password frequently may not help at all... There was a time when Blizzard was advertising an authentication token for sale. However I went looking for it and the links I found connecting to the Blizzard store were dead and it's no where to be found at the Blizzard store. I wonder what happened to it?
It is still listed in the Blizzard store under Other Products (or whatever the last tab is), but it is currently sold out.
Keylogger is an app. Yes it can be installed as an app if you are tricked into installing it. That is known as a TROJAN.
The account was probably compromised due to phishing.
THERE ARE NO VIRUSES on OSX (so there are NO "keylogger virus" for OSX).
Giz Explains: Why OS X Shrugs Off Viruses Better Than Windows
http://i.gizmodo.com/5101337/giz-explains-why-os-x-shrugs-off-viruses-better-than-windows
The Mac Malware Myth
http://www.roughlydrafted.com/2009/01/29/the-mac-malware-myth/
The Unavoidable Malware Myth
http://www.roughlydrafted.com/2008/...-apple-wont-inherit-microsofts-malware-crown/
Road to Mac OS X Snow Leopard: 64-bit security
http://www.appleinsider.com/articles/09/01/16/road_to_mac_os_x_snow_leopard_64_bit_security.html
WoW Authenticator
You can get a mobile one for your iPhone or iPod Touch through iTunes, just search for battle.net. You can also by a key fob looking device at this address http://www.blizzard.com/store/details.xml?id=1100000442
You can get a mobile one for your iPhone or iPod Touch through iTunes, just search for battle.net. You can also by a key fob looking device at this address http://www.blizzard.com/store/details.xml?id=1100000442
Did you use an installer to install your mod updates ?
You should always manually install your mods.
You should always manually install your mods.
Also if you logged into your wow account through an internet cafe(i.e. in Turkey) there are cafe's that use keylogger apps in their computers.
After youve visited the said cafe, they wait for a limited time and then change your pass once they know they can sell it to someone and poof.
After youve visited the said cafe, they wait for a limited time and then change your pass once they know they can sell it to someone and poof.
There are many apps available that will monitor network traffic to see if your Mac is sending data somewhere your not expecting.
Search for: macintosh network traffic monitor
Search for: macintosh network traffic monitor
WoW scripts cannot log key strokes or otherwise get access to your password (they are not loaded until after login). BUT any mod that has an installer can install whatever they want during that time. Best bet is to never install any mod that requires an installer.
You should be on a USER account, not an administrator account; that way it will have to pop up to make system changes. Typically things like key loggers would have to make changes at the system level.
If you play across WiFi, there is a possibility of someone sniffing your WiFi traffic looking for the login information. But that means that they have to be physically near you. Someone, in theory, could be watching internet traffic going to the Blizzard servers and pulling passwords from there.
Personally, if you don't have the Blizzard authenticator, or the iPhone app, then you will ALWAYS be at risk. I highly recommend getting one if you don't want to be hacked; it is worth the extra hassle.
Many hacking attempts come from fishing. They have some site somewhere that looks promising to you and then after you give them your user name and password they will use that to get into your WoW account. Sometimes just taking your password as a template and trying variations on it.
Your character names should be, in no way, associated with your account name.
Someone could also hack an account if they know account names and just trying passwords via password lists. There are some very good password lists out there.
Be careful, be cautious, and you should never use the same password on more then one site; especially for things that are important like your wow account, bank account, and others.
You should be on a USER account, not an administrator account; that way it will have to pop up to make system changes. Typically things like key loggers would have to make changes at the system level.
If you play across WiFi, there is a possibility of someone sniffing your WiFi traffic looking for the login information. But that means that they have to be physically near you. Someone, in theory, could be watching internet traffic going to the Blizzard servers and pulling passwords from there.
Personally, if you don't have the Blizzard authenticator, or the iPhone app, then you will ALWAYS be at risk. I highly recommend getting one if you don't want to be hacked; it is worth the extra hassle.
Many hacking attempts come from fishing. They have some site somewhere that looks promising to you and then after you give them your user name and password they will use that to get into your WoW account. Sometimes just taking your password as a template and trying variations on it.
Your character names should be, in no way, associated with your account name.
Someone could also hack an account if they know account names and just trying passwords via password lists. There are some very good password lists out there.
Be careful, be cautious, and you should never use the same password on more then one site; especially for things that are important like your wow account, bank account, and others.
Most people use the same easy to guess passwords, thinking themselves are unique.
No. Mac OS X is not Windows.
Mac OS X has better security, so even when running as admin, OS X asks for admin password for system modifications.
No. Mac OS X is not Windows.
Mac OS X has better security, so even when running as admin, OS X asks for admin password for system modifications.
Uh, no. You should not be running with Admin accounts, period. Sure OSX has better security then Windows, but you should not leave your doors unlocked and that is exactly what you are doing as an administrator. If you have an admin account, you can have a lot more things done to your system without your knowledge. Sure it is typically very good; but why risk it? Running with a User account isn't bad on OSX as it is in windows; in fact it is very good. So why leave yourself open to trouble when it takes just a second to make it much more secure?
FALSE. OS X requires admin password to modify the system, even when running admin account.
What you think is only for windows.
You got a Gawker account by any chance? Using the same password and email combo as your battle.net account?
That would be my guess.
That would be my guess.
Sorry to hear about your account(s)
Had the same problem between BC & Wrath when my account was idle for many months. The only mod I ever used was the CT pack but I suppose that could have been the culprit.
Blizzard rolled back my account to just before my password was changed (hacked) and so my main still had everything that was equipped at the time although I lost everything that was in the bank. The hacker actually took the time to max out some trade skills while I was absent, which is a silver lining in a small way I guess.
Had the same problem between BC & Wrath when my account was idle for many months. The only mod I ever used was the CT pack but I suppose that could have been the culprit.
Blizzard rolled back my account to just before my password was changed (hacked) and so my main still had everything that was equipped at the time although I lost everything that was in the bank. The hacker actually took the time to max out some trade skills while I was absent, which is a silver lining in a small way I guess.
account with iphone app authenticator got hacked!
me and my gf have been playing wow on mac for 3 years or so.
i use a a fairly complicated password that i don't use anywhere else and is linked to an email just for wow, so i never used an authenticator and never got hacked.
my gf does not like complicated passwords so she has been using an authenticator (iphone app) ever since its release
this weekend her account got hacked, blizzard restored everything and said it was probably a key logger that got her account
She never got disconnected while playing this weekend, if someone would steal her password and authenticator key with a key logger they would have to use it very quickly (the authenticator key is only valid for a very short time) and hence she would get logged out if they logged in onto her account from another location
i would really like to know how this could have happened?
any ideas or anyone had this happen WITH an authenticator?
me and my gf have been playing wow on mac for 3 years or so.
i use a a fairly complicated password that i don't use anywhere else and is linked to an email just for wow, so i never used an authenticator and never got hacked.
my gf does not like complicated passwords so she has been using an authenticator (iphone app) ever since its release
this weekend her account got hacked, blizzard restored everything and said it was probably a key logger that got her account
She never got disconnected while playing this weekend, if someone would steal her password and authenticator key with a key logger they would have to use it very quickly (the authenticator key is only valid for a very short time) and hence she would get logged out if they logged in onto her account from another location
i would really like to know how this could have happened?
any ideas or anyone had this happen WITH an authenticator?