Are there keylogger viruses for mac?

iBug2

macrumors 601
Original poster
Jun 12, 2005
4,044
222
I just got my WoW account hacked, I use a mac for nearly 15 years and I never had trouble with viruses so far. The only way someone could have hacked it is either somehow guess my password or keylogger on mac os x. If there is a keylogger in my computer, how can I detect it on Mac os X?
 

tersono

macrumors 68000
Jan 18, 2005
1,999
1
UK
I just got my WoW account hacked, I use a mac for nearly 15 years and I never had trouble with viruses so far. The only way someone could have hacked it is either somehow guess my password or keylogger on mac os x. If there is a keylogger in my computer, how can I detect it on Mac os X?
Ain't no such animal, sorry
 

yellow

Moderator emeritus
Oct 21, 2003
16,033
1
Portland, OR
There ARE such things as keyloggers for Macs.

I'd be more inclinded to think that it was a mod that you use for WoW that did it.

The only way to be sure is to wipe everything and start over, otherwise, there's not likely to be many magic wands to make it go away.
 

iBug2

macrumors 601
Original poster
Jun 12, 2005
4,044
222
I always use the same modifications for a year, I recently didn't add anything new. And I doubt the mods are responsible for this. That's why I'm stunned since I also thought, still think, that there are no keyloggers which get in your mac involuntarily and do this kind of stuff.
 

yellow

Moderator emeritus
Oct 21, 2003
16,033
1
Portland, OR
Involuntarily? No.. not likely. But there are plenty of keyloggers.

Just because you've used the same mods, doesn't mean that it wasn't harvesting your password all this time. You've never updated them in all this time?

Also.. did you have a really simple password on your WoW account?
Did you use the same username and password for other internet accounts?
Maybe a friend (or enemy) was playing a trick on you?

There's a lot of variables here.
 

iBug2

macrumors 601
Original poster
Jun 12, 2005
4,044
222
Involuntarily? No.. not likely. But there are plenty of keyloggers.

Just because you've used the same mods, doesn't mean that it wasn't harvesting your password all this time. You've never updated them in all this time?

Also.. did you have a really simple password on your WoW account?
Did you use the same username and password for other internet accounts?
Maybe a friend (or enemy) was playing a trick on you?

There's a lot of variables here.
My password was not a simple one at all, I do use a similar one for my email account which is not hacked, none of my friends know my password. And yes I do keep updating those mods but they all come from one single website, like versiontracker.com, they can't put virused software there, or at least I wouldn't expect any viruses from that place.
 

kkat69

macrumors 68020
Aug 30, 2007
2,013
1
Atlanta, Ga
My password was not a simple one at all, I do use a similar one for my email account which is not hacked, none of my friends know my password. And yes I do keep updating those mods but they all come from one single website, like versiontracker.com, they can't put virused software there, or at least I wouldn't expect any viruses from that place.
Mods that log keystrokes etc aren't tech virus's and in fact would be hard to tell from a quick glance unless you know the WoW mod script syntax.

Most of those sights do not regularly check or validate (in other words do a code review) all mods submitted to ensure they aren't doing anything malicious. I'm hesitant of anyone "redoing" a mod that someone else has done to say it was updated for fear that they put some code in there. Make sure you didn't download anything like that. Also the number of downloads would tell you if it's pretty safe or not. Less downloads, probably not a well known mod and would be less inclined to get. I typically got my mods from Curse-gaming or ui.worldofwarcraft as they have good reputation of linking stable/safe mods.

I've googled a little bit on this since my WoW account was hacked via keylogger that was downloaded from mmorpg.com (a lot of people caught this but I was one of the first that got nailed) so I was hesitant of every going to that website let alone via my new iMac and having my account hacked again.

I found this website that might help you: http://mackeyloggerprotection.com/

It talks about Mac Keyloggers specifically. Information is power and a little googling is probably more informative than the usual "there are no virus's for macs" responses most people are willing to dish out.

True this system is safer but being "safer" does not mean "immune."

I feel your pain for getting your account hacked. Good luck to you!
 

gnasher729

macrumors P6
Nov 25, 2005
16,687
3,378
There ARE such things as keyloggers for Macs.
You can install a keylogger yourself on your own computer, if you wish to do so, so you can find out what others type on your computer. Or someone else can install it if they have your administrator password and access to your computer. There are no keylogger viruses on the Macintosh.

The most dangerous things at the moment are small USB devices that can be installed between keyboard and computer and record everything. MacOS X can't protect you because the whole keylogging happens outside the computer. Of course someone would have to physically get at your computer, install the keylogger and pick it up again later. And MacBooks / MacBook Pros are safe as long as you don't use an external keyboard.
 

johnyy

macrumors newbie
Mar 27, 2009
6
0
I just got my WoW account hacked, I use a mac for nearly 15 years and I never had trouble with viruses so far. The only way someone could have hacked it is either somehow guess my password or keylogger on mac os x. If there is a keylogger in my computer, how can I detect it on Mac os X?
My wow account was just hacked too. I use mac for 3 years and this is the first time i got hacked. Maybe someone installed mac keylogger on my mac. Anyone can help me to find out which mac keylogger it is? Is it Aobo Mac OS X Keylogger from aobo software or Spector For mac?
 

Huntn

macrumors demi-god
May 5, 2008
18,388
19,031
The Misty Mountains
I just got my WoW account hacked, I use a mac for nearly 15 years and I never had trouble with viruses so far. The only way someone could have hacked it is either somehow guess my password or keylogger on mac os x. If there is a keylogger in my computer, how can I detect it on Mac os X?
What was the resolution of your case with Blizzard? Did you lose stuff? I wonder if Blizzard has any suggestions about this kind of protection? Some research is warranted.

I assume that when it come to key loggers, changing your password frequently may not help at all... There was a time when Blizzard was advertising an authentication token for sale. However I went looking for it and the links I found connecting to the Blizzard store were dead and it's no where to be found at the Blizzard store. I wonder what happened to it?
 

MacAlpha

macrumors regular
Oct 24, 2008
119
0
Great White North
What was the resolution of your case with Blizzard? Did you lose stuff? I wonder if Blizzard has any suggestions about this kind of protection? Some research is warranted.

I assume that when it come to key loggers, changing your password frequently may not help at all... There was a time when Blizzard was advertising an authentication token for sale. However I went looking for it and the links I found connecting to the Blizzard store were dead and it's no where to be found at the Blizzard store. I wonder what happened to it?
It is still listed in the Blizzard store under Other Products (or whatever the last tab is), but it is currently sold out.
 

Consultant

macrumors G5
Jun 27, 2007
13,293
15
key logging on the mac? a bit scary if you ask me =X
Keylogger is an app. Yes it can be installed as an app if you are tricked into installing it. That is known as a TROJAN.

The account was probably compromised due to phishing.

THERE ARE NO VIRUSES on OSX (so there are NO "keylogger virus" for OSX).

Giz Explains: Why OS X Shrugs Off Viruses Better Than Windows
http://i.gizmodo.com/5101337/giz-explains-why-os-x-shrugs-off-viruses-better-than-windows

The Mac Malware Myth
http://www.roughlydrafted.com/2009/01/29/the-mac-malware-myth/

The Unavoidable Malware Myth
http://www.roughlydrafted.com/2008/...-apple-wont-inherit-microsofts-malware-crown/

Road to Mac OS X Snow Leopard: 64-bit security
http://www.appleinsider.com/articles/09/01/16/road_to_mac_os_x_snow_leopard_64_bit_security.html
 

Syonidism

macrumors regular
Feb 10, 2009
213
0
Turkey
Also if you logged into your wow account through an internet cafe(i.e. in Turkey) there are cafe's that use keylogger apps in their computers.

After youve visited the said cafe, they wait for a limited time and then change your pass once they know they can sell it to someone and poof.
 

tbob32

macrumors newbie
Feb 15, 2008
27
0
Oklahoma City, OK, USA
There are many apps available that will monitor network traffic to see if your Mac is sending data somewhere your not expecting.

Search for: macintosh network traffic monitor
 

CylonGlitch

macrumors 68030
Jul 7, 2009
2,929
113
SoCal
WoW scripts cannot log key strokes or otherwise get access to your password (they are not loaded until after login). BUT any mod that has an installer can install whatever they want during that time. Best bet is to never install any mod that requires an installer.

You should be on a USER account, not an administrator account; that way it will have to pop up to make system changes. Typically things like key loggers would have to make changes at the system level.

If you play across WiFi, there is a possibility of someone sniffing your WiFi traffic looking for the login information. But that means that they have to be physically near you. Someone, in theory, could be watching internet traffic going to the Blizzard servers and pulling passwords from there.

Personally, if you don't have the Blizzard authenticator, or the iPhone app, then you will ALWAYS be at risk. I highly recommend getting one if you don't want to be hacked; it is worth the extra hassle.

Many hacking attempts come from fishing. They have some site somewhere that looks promising to you and then after you give them your user name and password they will use that to get into your WoW account. Sometimes just taking your password as a template and trying variations on it.

Your character names should be, in no way, associated with your account name.

Someone could also hack an account if they know account names and just trying passwords via password lists. There are some very good password lists out there.

Be careful, be cautious, and you should never use the same password on more then one site; especially for things that are important like your wow account, bank account, and others.
 

Consultant

macrumors G5
Jun 27, 2007
13,293
15
Most people use the same easy to guess passwords, thinking themselves are unique.

You should be on a USER account, not an administrator account; that way it will have to pop up to make system changes. Typically things like key loggers would have to make changes at the system level.
No. Mac OS X is not Windows.

Mac OS X has better security, so even when running as admin, OS X asks for admin password for system modifications.
 

CylonGlitch

macrumors 68030
Jul 7, 2009
2,929
113
SoCal
Mac OS X has better security, so even when running as admin, OS X asks for admin password for system modifications.
Uh, no. You should not be running with Admin accounts, period. Sure OSX has better security then Windows, but you should not leave your doors unlocked and that is exactly what you are doing as an administrator. If you have an admin account, you can have a lot more things done to your system without your knowledge. Sure it is typically very good; but why risk it? Running with a User account isn't bad on OSX as it is in windows; in fact it is very good. So why leave yourself open to trouble when it takes just a second to make it much more secure?
 

Consultant

macrumors G5
Jun 27, 2007
13,293
15
Uh, no. You should not be running with Admin accounts, period. Sure OSX has better security then Windows, but you should not leave your doors unlocked and that is exactly what you are doing as an administrator. If you have an admin account, you can have a lot more things done to your system without your knowledge. Sure it is typically very good; but why risk it? Running with a User account isn't bad on OSX as it is in windows; in fact it is very good. So why leave yourself open to trouble when it takes just a second to make it much more secure?
FALSE. OS X requires admin password to modify the system, even when running admin account.

What you think is only for windows.
 

Demigod Mac

macrumors 6502a
Apr 25, 2008
785
234
You got a Gawker account by any chance? Using the same password and email combo as your battle.net account?

That would be my guess.
 

Ravaroo

macrumors 6502
Aug 26, 2010
307
170
feels like Canada South
Sorry to hear about your account(s):(

Had the same problem between BC & Wrath when my account was idle for many months. The only mod I ever used was the CT pack but I suppose that could have been the culprit.
Blizzard rolled back my account to just before my password was changed (hacked) and so my main still had everything that was equipped at the time although I lost everything that was in the bank. The hacker actually took the time to max out some trade skills while I was absent, which is a silver lining in a small way I guess.
 

downset

macrumors member
May 1, 2005
55
0
account with iphone app authenticator got hacked!

me and my gf have been playing wow on mac for 3 years or so.

i use a a fairly complicated password that i don't use anywhere else and is linked to an email just for wow, so i never used an authenticator and never got hacked.

my gf does not like complicated passwords so she has been using an authenticator (iphone app) ever since its release

this weekend her account got hacked, blizzard restored everything and said it was probably a key logger that got her account

She never got disconnected while playing this weekend, if someone would steal her password and authenticator key with a key logger they would have to use it very quickly (the authenticator key is only valid for a very short time) and hence she would get logged out if they logged in onto her account from another location

i would really like to know how this could have happened?
any ideas or anyone had this happen WITH an authenticator?
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.