Infected by DutyWatch Remote keylogger

Discussion in 'macOS' started by Blackfoot, Mar 13, 2011.

  1. Blackfoot, Mar 13, 2011
    Last edited: Mar 13, 2011

    Blackfoot macrumors newbie

    Aug 27, 2008

    I ran an antivirus/trojan/keylogger/... scan on my mac today and found out I had the "DutyWatch Remote 1.8" keylogger embedded in a .jpg. It's the first time I run an antivirus on my mac (obviously, because they're supposed to be "safe").

    For the sake of clarification: I'm talking about my private MacBook Pro, I'm in no way an employee (I'm a student), so no employer could have installed it in my computer.

    Did anyone of you come across this crap? How much info does it log/send away? I saw on their website that it logs pretty much anything from keystrokes to screenshots, so I'm getting a little paranoid here...

    Thanks for any info!
  2. SandboxGeneral Moderator emeritus


    Sep 8, 2010
    A quick search on Google shows that this is a legitimate piece of software by the looks of it. Perhaps your Mac is a used one, or you let someone borrow it in the past.

    This would have to be installed manually and have the user password to make it work.

    Mac Virus/Malware Info

    DutyWatch Remote
  3. cgrendy3 macrumors newbie

    Apr 18, 2011
    Same DutyWatch infection problem with my MBP!

    I also have a 'private' MacBook Pro. I'm self-employed and work from home so there are no bosses around installing 'spyware.' ;) And, my MBP was purchased brand new outta da box. I do spyware, virus, trojan, etc. checks with different software programs every once in a while -- I KNOW a MAC can get infected -- I've been using Macs and PCs since the 80s, and I have SEEN IT HAPPEN. So, I don't listen to the BS Apple spouts about Macs being immune! But, this is my first encounter with this DutyWatch keylogger.

    My son does use my MBP to look up cheats for video games sometimes, so my guess is that this DutyWatch software somehow infected my MBP while he was 'at the helm' (i'm much more suspicious!). This likely explains the startling discovery of an email my son received about a week ago -- his email account receives only one or two emails a month from family!!! -- but, this email was from some bogus :cool: singles website (my son is 10 years old!) -- asking that he CONFIRM his sign-in ID and PASSWORD! And, the email correctly listed both his email ID and password.

    I had a 'chat' with the son, and we changed all of his passwords, but, I suspected that some keylogging program found its way onto one of our home network computers. (I installed and used a 'spyware/keylogger' myself a few years ago when my daughter was a teen -- I know how they work!) :p Anyway, I ran a 'full' scan with a MacScan Demo just last night, and although I've been 'testing' this MacScan software and running various scans for about two weeks now, today was the first I had heard of this DutyWatch issue!

    I'm going to run some other software-maker scans, just to see if any of them find something to do with DutyWatch, but, methinks something is amiss. Some how, some way, this keylogger software infected our home network without any of us knowing it or wanting it! I think i'll also contact the makers of DutyWatch and let them know their software might be being used maliously and in need of some additional work to patch those leaks!!! grrrr... :mad:
  4. GGJstudios, Apr 18, 2011
    Last edited: Apr 18, 2011

    GGJstudios macrumors Westmere


    May 16, 2008
    Macs are not immune to malware, and no one who is knowledgeable is claiming that they are. That being said, there has never been a virus in the wild that affects Mac OS X since it was released 10 years ago. The handful of trojans that exist can be easily avoided with some education and common sense and care in what software you install:
    And a keylogger is NOT malware. It's a software app that any user can elect to install.
    That spam could have just as easily been generated if someone hacked the email account due to a weak password. It doesn't necessarily indicate the presence or the use of a keylogger or malware.
    You still haven't indicated if you definitely have a keylogger installed, or if you simply think that you do.
    Their software works as designed. They have no responsibility if someone uses it for undesirable purposes. It's not "leaks". You haven't even confirmed that you have it installed.

Share This Page