cancel
Showing results for 
Search instead for 
Did you mean: 

Mac/Linux keylogger

IanSn
Rising Star
Posts: 565
Thanks: 31
Registered: ‎25-09-2011

Mac/Linux keylogger

aimed at Mac/Linux users on Firefox, Chrome
212.7.208.65
looks like this is the source of the malware - just block this IP on your firewall Wink
13 REPLIES 13
Anonymous
Not applicable
IanSn
Rising Star
Posts: 565
Thanks: 31
Registered: ‎25-09-2011

Re: Mac keylogger

also got a warning from this search string when looking up the IP on whois -
-  "Web threat blocked: www whois-search com/?query=212.7.208.65&submit=Go"
couldn't get to the whois page!
bit weird  Huh

edit - oops, better break that link...
maybe the whois entry contains a link to a dodgy site
ReedRichards
Seasoned Pro
Posts: 4,927
Thanks: 145
Fixes: 25
Registered: ‎14-07-2009

Re: Mac keylogger

The more sophisticated Windows viruses access an online "server" that tells them which IP addresses to use in future (including the new server IP).  Surely it is only a matter of time before that capability is incorporated into this virus? 
VileReynard
Hero
Posts: 12,616
Thanks: 582
Fixes: 20
Registered: ‎01-09-2007

Re: Mac keylogger

It's not clear how this code gets executable rights in my user space - and how does it intercept inter-process calls between X and Firefox or whatever?

"In The Beginning Was The Word, And The Word Was Aardvark."

IanSn
Rising Star
Posts: 565
Thanks: 31
Registered: ‎25-09-2011

Re: Mac keylogger

Hmm, turns out I already had this range blocked on htaccess after continuous single hits (into the hundreds) on the registration php file earlier this year from addresses across this whole range.
NL Leaseweb are a constant source of aggravation!
212.7.192.0/18  Angry
-
edit -- is there a way to alter the title of a post?  Wanted to make it 'Mac/Linux keylogger'...
RPMozley
Pro
Posts: 1,339
Thanks: 83
Fixes: 13
Registered: ‎04-11-2011

Re: Mac keylogger

Quote from: IanSn
is there a way to alter the title of a post?  Wanted to make it 'Mac/Linux keylogger'...

Yes, just click Modify to the first post and the title should appear as an option to change it.
That's RPM to you!!
IanSn
Rising Star
Posts: 565
Thanks: 31
Registered: ‎25-09-2011

Re: Mac/Linux keylogger


doh!  Roll_eyes
(You seem to be getting into the habit of pointing out the obvious to me.... Grin )
VileReynard
Hero
Posts: 12,616
Thanks: 582
Fixes: 20
Registered: ‎01-09-2007

Re: Mac/Linux keylogger

http://code.google.com/p/logkeys/ lists some key loggers...
So all a cracker has to do is install them when you are not looking!  Grin

"In The Beginning Was The Word, And The Word Was Aardvark."

IanSn
Rising Star
Posts: 565
Thanks: 31
Registered: ‎25-09-2011

Re: Mac/Linux keylogger

Too easy, eh?
I was thinking a text file with all your logins and passwords. Just copy and paste such things without even touching the keyboard...
ok, thinking that for the want of something better to think....
Quote
tells them which IP addresses to use in future

if it comes via EC2 there's nothing to block on your firewall (except the whole of Amazon), or ever find out where it actually came from
...I think I'll think about something else.....
Anonymous
Not applicable

Re: Mac/Linux keylogger

My First Direct bank login asks for random characters from my password, much better than typing the whole password.
For other sites, I sometimes enter incorrect characters, then correct, so any keylogger doesn't know the correct sequence.
AWB70
Aspiring Pro
Posts: 1,197
Thanks: 20
Fixes: 3
Registered: ‎28-08-2007

Re: Mac/Linux keylogger

Am I right in thinking that this only can only work if someone has access to your keyboard or can it be installed by clicking a dodgy link? For my passwords I use LastPass which is integrated into chrome so that there's no need to type anything it auto fills and before that I used Keepass which also auto fills and deletes the info from cash within seconds of using it. My bank has an extra layer of security by having a key fob which generates a random sequence of numbers every time I login. Not sure how that works but it's probably a good thing.  Smiley
VileReynard
Hero
Posts: 12,616
Thanks: 582
Fixes: 20
Registered: ‎01-09-2007

Re: Mac/Linux keylogger

Unless your bank account gets stolen by an employee or some faulty banking IT.
It's designed to look difficult and therefore prove that any fault lies with you.
For example, it's obviously impossible to break a 4 digit numeric pin code - isn't it?  Roll_eyes

"In The Beginning Was The Word, And The Word Was Aardvark."

MJN
Pro
Posts: 1,318
Thanks: 161
Fixes: 5
Registered: ‎26-08-2010

Re: Mac/Linux keylogger

It's a fairly secure system, and effectively a time-limited one-time password.
A right pain though given the requirement to always have the keyfob. For this reason I swtiched banks. I just hope they don't all end up adopting it!
Mathew