Help with possible keylogger on Imac

Sorry if this is in the wrong section, but i need some advice off somebody that knows what they are talking about.

I'v tried searching and all i can find about key logger's on macs is people saying you can't get them via a virus, it has to have been done directly to your computer.

About 2 weeks ago i checked an email account i haven't opened in a while and had an email from an online game, i opened it and it looked genuine so i clicked the link that was on it not really thinking, it then opened another webpage which I immediately shut down. ( The dumb thing is that email isn't even what i used with the game account so i don't know why i went through it).

I read up about phising and came to the understanding that is what it was and that your details can only be taken if it comes up with a fake page where you enter your user and pass. Just in case i found a free mac virus scan and found nothing on the scan. So i thought that was the end of it...

Well i logged in to the game yesterday to find somebody has changed my password. I don't know much at all about this stuff, but it must of been a keylogger? I can't see any other way.

Also i downloaded "Little Snitch" to see if i could see anything out of the ordinary going on ( Even though i don't have a clue what I'm looking for). Something along the lines of baymsg(numbers).gateway.messenger.live keeps popping up, is that something official with hotmail or something else?

I have now completely formatted the harddrive and re-installed, and that baymsg thing still popped up when i went on hotmail.

I'm sorry for the essay, but i need answers.

 

Okay thanks.

Zeroing the complete hard drive will wipe anything potentially there though won't it?

 

I have already done that, i don't have much on the computer and i couldn't figure out how to delete my windows bootcamp partition, so it solved that problem as well.

It has to have been that link though that resulted in me being hacked

 

Runescape.

I barely go on it now really and it was a good job i did, because i would have never noticed something was up.

I was waiting for my hired driver in Forza 3 to win my race!

I have trawled the internet and found only 1 other case of a similar thing happening to somebody with an Imac. Can;t seem to find a definite answer :S

Edit: Also i reverse IP traced from the hacked log in, it comes up with Lishui China - I know this can be faked though. But now from my log in it isn't even showing an IP, it is just 3 letters.

 

Nope, it was like a white page with other things on it, i closed it within about 2 seconds of clicking the link because i knew what i had done.

And no i have never downloaded anything, and i was playing through the official client.

I used to play the game alot years ago and this is the first time i have ever been hacked or had trouble with it, and this is in like 5-6 years. I have never put the details anywhere.

It is too strange for me to have clicked this link and to be hacked though, i guess I'm never going to get an answer to it.

 

Theres alot of sites you can reverse trace IP's, i just typed it in one of them.

 

When you log into the game it says at the top of your screen how long ago you last logged in and from what IP. I wrote down the IP it said from there.

Somebody definitely logged in my account with the use of my password.

When i managed to reset my password through email i got back on to see that IP address and also in the game your bank which contains all your items and gold also has a Pin code on it. You can reset it to gain access if you don't know the code and they had reset it. I didn't lose anything though because it had another 4 days before it reset.

They hadnt accessed it through my email or through my set of recovery questions, only by directly logging in with my password.