Keystroke Hacking...

Like the others, I am suspicious of the bank's analysis. Sounds like their phone people know nothing of Macs and are potentially covering their incompetence.

In over 11 years of helping here, the only case I seen reported here of a keystroke logger appearing was one surreptitiously installed on a Mac by the poster's boyfriend--now "ex-boyfriend"--when he had access to the lady's computer while she was away. She dumped him and the key logger simultaneously. A few well-place whacks to the nose may have been involved! 😮

i didn't even know what a keystroke logger was till this guy at the bank freaked me out about it, and honestly i was already freaked out about having tons of money being spent in my 3 accounts!

The guy at the bank is trying to shift the blame from his employer onto you so you won't sue. I'd take long odds that the bank is responsible for the breach, possibly the work of a real hacker, and that you're not the only victim. Such incidents make the news almost every week.

Linc Davis wrote:

The misinformation in this thread is out of control.

No kidding.

Kikikins,

You need to find a good soul that knows Mac's (and computers in general) well to review your whole computer security set up.

This professional needs to image every hard drive for separate forensic purposes to find the keystroke logger or rootkit that has taken over your machine and caused you harm.

Then flush the whole system all the way from changing the IP address with your ISP, to the router firmware, to each computer on the network, to every writeable external media and hard drive.

All your passwords and log in names need to be changed, everything.

Located in Orange County CA

http://www.computerevidenceexperts.com/

If they don't find anything, then the bank is wrong and they made the mistake and need to return your funds.

Technically if your identity was stolen the FBI should be involved as this is a crime, even more so if the bank and lost funds was involved.

You sound like a very sweet person, but your going to need some real tough smart guys to root out exactly what went wrong.

http://www.fbi.gov/about-us/investigate/cyber/identity_theft

If the any funds that were lost wasn't so great, you might be able to get away with local Mac services to clean your computer slate completely (explain to them you need a complete change of everything) and then follow protective identity theft procedures recommended by the FBI.

Maybe you can enlighten us why we should, or should not turn on the firewall.

I don't know. Maybe you can enlighten me. The application firewall seems to me to be the weirdest feature Apple has ever shipped, especially since it's meant to replace the packet-filtering BSD firewall, which actually is sometimes useful and still exists, although there's no longer a UI for it.

The application firewall blocks all incoming network connections, regardless of the source, to executables that the user designates. It does absolutely nothing to block outgoing connections. Under what circumstances that would be useful, I've never really been able to figure out. The best scenario I can come up with is that you have a portable that's sometimes on a trusted network, home or office, where it provides unsecured services, and at other times is on an untrusted network, such as a public hotspot. When you're on the trusted network, you turn the firewall off. When you're on a hotspot, you turn it on. I guess that might be useful to somebody, if there's anybody in the world who would think to do it. Certainly Apple doesn't do anything to give users a clue to what its proper use is.

One thing the firewall is sure not to do is block the outgoing connections that a keylogger would make to a remote server.

Linc Davis wrote:

...although there's no longer a UI for it....

One thing the firewall is sure not to do is block the outgoing connections that a keylogger would make to a remote server.

WaterRoof and NoobProof for a GUI configuration of the ipfw and LittleSnitch for outgoing connections, although if it got root then all bets are off.

All three above are not for regular users, which as you know Apple caters too.

Apple's "Firewall" is basically just training wheels.

As the computer generation that grew up with comptuers being open and complicated requing a skill set fade from the scene, a host of new "computer appliance" users spring up.

Yes, the way we know computers as open devices is going to disappear.

Linc

Thanks, you know more than me, and I appreciate your offering. To be honest the firewall is something I've just been conditioned to turn on. Linc does a Unix type firewall run on OSX unbeknownst to us? I know for Linux distros et.al Ubuntu a firewall runs beneath the surface. Your insight is very much appreciated.

Regards,

Joseph

The ipfw stateful packet filter from FreeBSD is included, but it's not easy to get at.