FALSE. OS X requires admin password to modify the system, even when running admin account.

What you think is only for Windows.

You don't get it, sure it asks for the password but it also unlocks other features of the systems where it doesn't need the password (otherwise there would be no difference between user and admin accounts). You should never be running with an admin account; not that there are known exploits, but it does leave the door open for them.
 
I got hacked a few days ago, and now I'm scared to death of my Mac's security.

It must have been from a key logger. No one has physical access to my Mac and I don't fall for phishing attacks.

If I ever go online to manage my account, I go to worldofwarcraft.com
I don't click links.

I use Curse to update my addons, and wonder if a keylogger was placed in one of the addons.

But if it was a keylogger, it would have prompted an admin password, which would have raised eyebrows, and I would have canceled.

Now I'm scared to death guys, and think a keylogger or other malware is running on my system.

I even considered getting Norton for my Mac :'(

Sigh, I'm so devastated right now, and have been avoiding using my Mac for days now after the hack.

-cries uncontrollably-

:(
 
I got hacked a few days ago, and now I'm scared to death of my Mac's security.
What makes you think you got hacked? Do you know how extremely rare it is that any Mac is hacked?
It must have been from a key logger. No one has physical access to my Mac and I don't fall for phishing attacks.
Unless you installed it yourself, you don't have a keylogger or any other malware on your Mac.

No viruses exist in the wild that can run on Mac OS X, and there never have been any, since it was released 10 years ago. The handful of trojans that exist can be easily avoided with some basic education, common sense and care in what software you install:
 
There are other options that people tend to forget: there is another way to get your information, and that is to hack a server which your packets are passing through. Yes the packets are encrypted but if someone is smart enough they can watch the packets from the beginning of a connection and thus can snoop what is going on. The data path has been out for years so hackers are more than likely on to exploiting it.

It could be, I guess.
 
Passwords can be easily brute forced if you do not follow safe password guidelines.

Passwords should be at least 8 characters long and include at least one element from mixed alphabet, numbers, and symbols. For example, &Jigzy87.

Also, I have noticed a lot of phishing emails related to "Battle.net" are in the wild. Did you log into your account from a link in an email?

If you did then that is how your account was compromised.

You should never be running with an admin account; not that there are known exploits, but it does leave the door open for them.

The difference between a Mac admin and standard account is not that significant in terms of exploitation.

Yes the packets are encrypted but if someone is smart enough they can watch the packets from the beginning of a connection and thus can snoop what is going on.

How would the attacker use the encrypted data from the packets?
 
How would the attacker use the encrypted data from the packets?

Not hard if you have the ability to watch the communication from the beginning to get the information. There are several stand alone bots for WoW; thus they must have compromised the communication stream. I know that packet data format has long since been determined, and it looks like the encryption scheme may have been as well. Given that, it's not hard to get the login message and extract the password; or even to just send a dummy login message with the same data but different IP address.

Once you've compromised the encryption of the data stream, just about anything is possible.
 
This is Blizzard's own webpage about how WoW accounts get hacked:

http://us.battle.net/en/security/theft

Do any of these scenarios seem likely to be the cause of your account being compromised?

Not hard if you have the ability to watch the communication from the beginning to get the information.

Wouldn't this require some sort of malware?

There are several stand alone bots for WoW; thus they must have compromised the communication stream.

The communication stream need not be compromised if the bot is able to hook into the client app.

I know that packet data format has long since been determined, and it looks like the encryption scheme may have been as well.

It doesn't use standard encryption schemes such as SSL?

Given that, it's not hard to get the login message and extract the password; or even to just send a dummy login message with the same data but different IP address.

If it is encrypted with SSL, then extracting the data is very unlikely given that it uses 128-256 bit AES encryption and is designed to prevent tampering.
 
Wouldn't this require some sort of malware?

Yes and no. What I was saying from the beginning is that if one of the servers along the path that data is communicating to the Blizzard servers has been compromised, then no, they can still watch the packets as they flow through the system. It can see when a communication path is created with its source and destination and then snoop that channel. It's all quite easy to do once the server has been compromised. BUT compromising the server isn't all that easy and thus yeah, some sort of malware was likely used.

The encryption scheme works (AES included) by making a few careful assumptions. First is that the source of the key is controlled, in this case it really isn't controlled hard enough. The IV for the encryption is also a secret. BUT in this case you need to have the client and with enough time, it could be reverse engineered and thus the IV extracted.

Given that there are many stand alone bots (not ones that feed through the client) and that there are stand alone server emulators, it is clear that the data stream must have been compromised. Read here Blizzard Support Page on Networking indicating that hacking the data stream is a bannable offense. They know that people are doing it.

Sadly, it isn't as secure as it should be, but something so big is a huge target and even more so when so much money is involved.
 
Does WoW use full session encryption or is just the login encrypted?

If the encryption scheme for SSL is as easily cracked as you suggest, attackers would be using it for much more profitable activities than hijacking WoW accounts.

Any specifics on how it is being done via this method? Perhaps, a link to an article?

Edit: Or, are you trying to say that the WoW client has a specific weakness that does not apply to other client software?

Also, login credentials could be compromised by giving them to stand-alone bots if that was the intended goal of the bot client app developer. Are you saying the bot client apps are malware intended to steal WoW login credentials? That makes sense.
 
I just got my WoW account hacked. I have used a Mac for nearly 15 years and I never had trouble with viruses so far. The only way someone could have hacked it is either to somehow guess my password or a keylogger for Mac OS X. If there is a keylogger on my computer, how can I detect it on Mac OS X?

Sorry for my reply to such an old topic. If you know a good solution to detect a Mac keylogger, please PM me.
 
How do you know there is a keylogger on your computer? But as far as I know, there really are keyloggers for Mac now, such as http://www.anykeylogger.com/keylogger-for-mac.html. The solution, I think, is that you need to look for an anti-keylogger program to detect the keylogger and then uninstall it.
You don't need a 3rd party anti-malware app to keep a Mac malware-free. The only way to get a keylogger on a Mac is to install it yourself or give someone access to your Mac to install it. If you haven't done that, you don't have a keylogger on your Mac.

Macs are not immune to malware, but no true viruses exist in the wild that can run on Mac OS X, and there never have been any since it was released over 12 years ago. The only malware in the wild that can affect Mac OS X is a handful of trojans, which can be easily avoided by practicing safe computing (see below). 3rd party antivirus apps are not necessary to keep a Mac malware-free, as long as a user practices safe computing, as described in the following link.
Read the What security steps should I take? section of the Mac Virus/Malware FAQ for tips on practicing safe computing.
 
You don't need a 3rd party anti-malware app to keep a Mac malware-free. The only way to get a keylogger on a Mac is to install it yourself or give someone access to your Mac to install it. If you haven't done that, you don't have a keylogger on your Mac.

Macs are not immune to malware, but no true viruses exist in the wild that can run on Mac OS X, and there never have been any since it was released over 12 years ago. The only malware in the wild that can affect Mac OS X is a handful of trojans, which can be easily avoided by practicing safe computing (see below). 3rd party antivirus apps are not necessary to keep a Mac malware-free, as long as a user practices safe computing, as described in the following link.
Read the What security steps should I take? section of the Mac Virus/Malware FAQ for tips on practicing safe computing.

Get it. I want to know how can we infect keyloggers? Can someone install it on the mac from an email or attach the keylogger to some file?
 
Get it. I want to know how can we infect keyloggers? Can someone install it on the mac from an email or attach the keylogger to some file?

No, you will need to type in your admin password or at the very least run the attached application, a simple attachment won't do it.

Usually things like this are installed/hidden inside pirated software. So you think you download a nice free copy of a game or other software and in fact you are also installing a key logger/trojan as well.

Edwin
 
Get it. I want to know how can we infect keyloggers? Can someone install it on the mac from an email or attach the keylogger to some file?
Technically yes. An email would arrive with an attachment. You'd click on the attachment and download it to your Mac. Then you'd double click the download to get it to run. It would try to access your file system, install itself... something that requires admin password rights, and your Mac would put up a scary looking message saying something like "this program could be unsafe, are you sure you want to install it" or "this program is from an unapproved vendor, please change your security settings to allow the program to install". Then you might have to take the extra step to tell your Mac to install programs from anywhere. Now you can try to install it. Then you would have to enter your admin password to give access to the program. Now you have an infected computer.

To this REALLY old thread: All of your passwords can be captured each time you go to an internet cafe, a WOW event where lots of you are gathered and playing wirelessly together. Does someone have time to hack all of your passwords, absolutely not, but they can run a dictionary hack on each password the instant it is captured; typically that will resolve about 10% of the passwords. Now, the bad person capturing CAN brute force hack the pretty girl's account or the obnoxious brute's account with a little time.

After the event capture, the bad person can sell the data stream to other bad people that have huge server farms or zombie farms that can brute force probably 50% of the passwords.

That's why it is so important to change passwords. It takes time to hack a password, it takes time to sell them to others to hack. Changing your password every month or so will do wonders for your safety.
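
Added example, not part of the original posts: a small Python audit that applies the password guideline quoted earlier in the thread (8+ characters, mixed letters, numbers, symbols) and also checks whether the password is just a mangled dictionary word, which is what the dictionary attack described above targets. The wordlist is a constructed sample, all function names are hypothetical, and "mixed alphabet" is read here as both upper and lower case.

```python
import math
import string

# Constructed sample wordlist; a real audit would load a large leaked-password list.
COMMON_WORDS = {"password", "dragon", "warcraft", "letmein", "monkey", "horde"}
# Undo common character substitutions before the wordlist lookup.
LEET = str.maketrans("@4301!$57", "aaeoiisst")

def char_classes(pw):
    return {
        "lower": any(c.islower() for c in pw),
        "upper": any(c.isupper() for c in pw),
        "digit": any(c.isdigit() for c in pw),
        "symbol": any(c in string.punctuation for c in pw),
    }

def meets_guideline(pw):
    """8+ characters with mixed-case letters, a number and a symbol
    (one reading of the guideline quoted in the thread)."""
    return len(pw) >= 8 and all(char_classes(pw).values())

def brute_force_bits(pw):
    """Upper bound on search effort if every character were random."""
    sizes = {"lower": 26, "upper": 26, "digit": 10, "symbol": len(string.punctuation)}
    pool = sum(sizes[k] for k, present in char_classes(pw).items() if present)
    return round(len(pw) * math.log2(pool), 1) if pool else 0.0

def dictionary_core(pw):
    """Return the wordlist entry the password is built on, or None."""
    core = pw.lower().strip(string.digits + string.punctuation).translate(LEET)
    return core if core in COMMON_WORDS else None

def audit(pw):
    core = dictionary_core(pw)
    ok = meets_guideline(pw) and core is None
    return {"guideline": meets_guideline(pw), "bits": brute_force_bits(pw),
            "dictionary_core": core, "verdict": "ok" if ok else "weak"}

if __name__ == "__main__":
    for sample in ["&Jigzy87", "Password1!", "W@rcr4ft#2011", "warcraft"]:
        print(sample, audit(sample))
```

A password such as `Password1!` satisfies the guideline and scores a higher brute-force estimate than `&Jigzy87`, yet it is flagged weak because it reduces to a wordlist entry.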
 
first of all plenty of people get their wow accounts hacked... it has nothing to do with keyloggers... doesn't matter what os you use...

if you don't want to get hacked, use SMS protection and authenticator.... derp :rolleyes:
 
People using authenticator during the Diablo 3 hacks still got hacked. Blizzard sucks and doesn't want much light shone on the fact that they have poor security.
 