Skip navigation

My email account and facebook accounts have been compromised, how can I know if I have malware of a keylogger?

677 Views 1 Reply Latest reply: Nov 29, 2012 12:14 PM by thomas_r. RSS
fire adept Calculating status...
Currently Being Moderated
Nov 29, 2012 9:24 AM

About 2 weeks ago my Yahoo email account and AIM email account had been compromised and the passwords changed. From what I was told/researched at the time, changing my passwords to more secure passwords was the best option.

 

I changed my passwords for the two accounts that had been compromised, and I even when as far to change my passwords for everything that I used frequently, and accounts that were tied to the email accounts, facebook, twitter, etc.

 

This morning at 12:28am (EST) my facebook was accessed by somebody other than me and my password changed. When I noticed this my first thought was to check to see if my email that I log in with was compromised. It had also underwent a password change.

 

Obviously the next thing I did was to try and change my passwords.

I had my AIM email send a change password form to my Yahoo email (which hasn't been tampered with this time) I followed the form and input a new password. After that, it brought me to a page where I was to enter the new password and sign in. When I input the new password it yet again said, "incorrect password or username". After I tried the new password a few more times it finally brought me to a screen saying basically that my account was locked due to suspicious activity and I still haven't been able to try and log in again.

 

I also can't access my Facebook account at all. I obviously can't send a new password to my email because I can't access it. Whenever I tried to send my info to an alternate email it wants me to answer a security question, and for some reason the answer I enter, which should be the correct answer, is said to be false.

 

Facebook offers another option of recovering your account by getting 3 friends to be sent security codes, I tried this method but it would never let me complete it because I locked my account. I locked my account after figuring out it was being tampered with. Whenever I try to get the security codes sent to 3 friends it ultimately leads me to a screen saying my account is locked and I need to sign in to unlock it, which is some major bull considering if I could log in I wouldn't need to be going through the process to begin with!

 

One friend has told me somebody maybe using some file to track my moves, a keytracker?

Is there anyway I can confirm that?

How can I get rid of it, how can I protect myself?

I've been using the internet almost daily since I was 8 years old, I'm now 20, this is the first of these kinds of problems I've ever had.

 

Protip: I run Mac OSX 10.6.8 Snow Leopard.

MacBook Pro, Mac OS X (10.6.8), HELP.
  • thomas_r. Level 7 Level 7 (26,970 points)

    Whatever is going on, it's extremely unlikely to be malware of any kind. See my Mac Malware Guide.

     

    As to what is going on, it's hard to say, but if someone is targeting you specifically, it's not that hard for an experienced person to do. It may not even require actual hacking... see the story of Matt Honan's hacking:

     

    http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/

     

    In short, his attacker managed to get access to Mr. Honan's Amazon account, which gave him access to the last 4 digits of Mr. Honan's credit card that was on file. That credit card was also on file with Apple, and those 4 digits were used to give him access to Mr. Honan's Apple ID. And from there all went to h***. No hacking required, just talking to folks on the phone and convincing them to do what the hacker wanted.

     

    In addition, note that some kinds of accounts provide you with a way to give access to another person. For example, GMail provides a way to add someone else's account, giving them access to your e-mail. Hackers have been known to use such features to leave themselves hidden back doors, so they can keep getting in after you have changed the password. I don't know whether AIM or Yahoo have such features, but it's possible.

     

    Finally, note that there are always possible issues with weaknesses in the servers. For example, right now, someone's selling an exploit kit for Yahoo mail. I don't know whether the vulnerability it relies on has been patched or not, but if it hasn't been, your attacker may be using that method to get access.

     

    In any case, you need to address these issues with AIM, Yahoo and Facebook.

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.