I may have a keylogger on my mac, recommendations for good virus program to scan?

Discussion in 'macOS' started by Theraker007, Jun 27, 2010.

  1. Theraker007 macrumors regular

    Joined:
    Mar 3, 2009
    #1
    I know I had one at some point since my world of warcraft account was hacked using one. I've since quit the game and removed all WOW content from my computer but I have no idea where the keylogger originated.. I can assume it was within the wow folder in some addon i carelessly added but I cannot be entirely sure so I was hoping someone could point me in the direction of the best way to ensure that other passwords of mine will not be compromised.

    Thank you
     
  2. lewis82 macrumors 68000

    lewis82

    Joined:
    Aug 26, 2009
    Location:
    Totalitarian Republic of Northlandia
    #2
    If I were you, I would back up all my data using time machine.

    Then, I would erase and install OS X, and put my files back by hand (not using Time Machine restore). This way, you can be sure that you get only the files you want.
     
  3. Theraker007 thread starter macrumors regular

    Joined:
    Mar 3, 2009
    #3
    you've gotta be kidding me, theres no other way to do this?
     
  4. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #4
    The odds of you having a keylogger on your Mac are vanishingly small. Use better passwords.
     
  5. Theraker007 thread starter macrumors regular

    Joined:
    Mar 3, 2009
    #5
    well my wow account was accessed with a guy who was busted for hacking a bunch of accounts with a keylogger.. i was actually able to help catch him cuz the dumbass used his credit card to access my account and I had his CC number still there when I regained control and he cant cancel it now.. so I reported it to blizzard and they found out who he was and linked him to several other accounts.
     
  6. lewis82 macrumors 68000

    lewis82

    Joined:
    Aug 26, 2009
    Location:
    Totalitarian Republic of Northlandia
    #6
    There must be other ways, but that's what I would do. I wouldn't risk having my personal data stolen, nor my identity.

    The method I give you has the quality of being absolutely secure. wipe everything, then restore, by hand, the files (pictures, documents). The applications you know well too, including the preferences folder located in ~/Library/Application Support. But nothing else, including any not-so-popular apps, as this may be where the hypothetical keylogger is located.

    It might be overkill, but again, my identity is worth more than a couple of hours.
     
  7. highres macrumors 6502a

    highres

    Joined:
    Jul 1, 2005
    Location:
    Near the Singularity
    #7
    I use this for all password related stuff online. It works great and I haven't had a single issue in the year that I have been using it. Also it logs you in securely without ANY keystrokes. ;)

    http://agilewebsolutions.com/products/1Password

    Other features include:

    1 - Backup up all passwords to an encrypted file
    2 - Syncs with your iPhone
    3 - Plug-in works securely on all major web browsers
     
  8. miles01110 macrumors Core

    miles01110

    Joined:
    Jul 24, 2006
    Location:
    The Ivory Tower (I'm not coming down)
    #8
    To install a keylogger he'd need administrator-level access to your machine, so my advice to use better passwords is still the root of your problem.
     
  9. Theraker007 thread starter macrumors regular

    Joined:
    Mar 3, 2009
    #9
    I think the keylogger only worked within WoW itself.. it was part of an addon most likely that I added to my mods carelessly (since a lot of them come in packages). Since the addon works from within game, he was probably able to record everything I did within the game but nothing outside.. so he probably didnt need admin access.
     
  10. MoxieWhimsy macrumors newbie

    Joined:
    Jun 27, 2010
    #10
    If you're certain it's only in WoW, remove all your WoW plugins. Then, only add those you trust.

    Sorry, I don't know any Mac anti-spyware programs that would find the offending plugin.
     
  11. ahm macrumors member

    Joined:
    Feb 14, 2009
    #11
    Try Little Snitch


    There was a way to check for outgoing connections manually through the terminal, but I don't remember. I read about it back when the CS4 trojan was happening.
     
  12. hikokun macrumors newbie

    Joined:
    Jun 27, 2010
    #12
    a guild mate of mine sent this to me earlier last week, you may be the unlucky few.


    'Well with the huge numbers of people that have been hacked recently through the flash player exploit before it was caught and fixed there is a new problem looming with regards to the hackers which will effect even players that have an authenticator.

    From a discussion I had with customer support the other day I've found that the majority of people actually had their data mined ages ago and that the hackers are still working through their lists.

    Now another problem is cropping up and that is having authenticators locked out. What is happening is that the hackers may have your account details but not your authenticator codes so what they are trying to do is to guess the code. A few fails and the authenticator is locked out and they move on. What this means though is that you cannot then log on without getting the authenticator reset.

    So to avoid this happening I'd suggest to everyone log on and do a password change before you get bitten as well.'
     
  13. Theraker007 thread starter macrumors regular

    Joined:
    Mar 3, 2009
    #13
    yeah I changed my email and password associated with the account.. thanks for the tip though!
     

Share This Page