Apple Event: May 7th at 7 am PT

Learn more

Add to your calendar 

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: KL1207
KL1207 Author
User level: Level 1
0 points

Keylogger from Runescape scam? Very concerned!

I play the online game Runescape. There was a "giveaway" video on youtube that people were told to comment on to possibly win items/money for Runescape. In the description of the video there was a link to the actual Runescape forums with a thread about the "giveaway" that was "moderator approved" so I figured it wasn't a scam, like these things usually are. I was being stupid, because it was indeed a scam. I didn't think I could possibly get hacked by commenting on a youtube video but I ended up losing access to my Runescape account. I did get it back by changing my password and setting up "Jagex account guardian" which doesn't allow new devices to log onto my account unless I answer security questions. This was about 3-4 days ago and nothing else suspicious has happened. However, today someone told me that the way the person hacked everyone who commented was by making a keylogger in the link that was in the description of the youtube video that I clicked on. I am not very tech savy so I don't know how this works but now I am concerned that the hacker has access to other information on my computer. Can someone help me figure out if there is a keylogger on my mac and if I have one how to get rid of it?

MacBook Pro

Posted on Nov 27, 2012 6:21 PM

Reply
18 replies
User profile for user: John Galt
John Galt
User level: Level 10
141,210 points

Nov 27, 2012 8:26 PM in response to KL1207

A Java exploit is possible, but if you are using Mountain Lion and run Software Update, that should rule out that possibility. I assume Java is enabled in Safari, but if you do not require Java then disable it.


I know of no Mac keylogger apps that would not require Administrator access to install. All the Runescape scams I have been able to determine attempt to deceive you into installing software through social networking.


You also need to answer Linc Davis's question about Safari extensions that you do not recognize - Safari menu > Preferences > Extensions.


It looks like this:


User uploaded file


What do you see there?

Reply
User profile for user: Linc Davis
Linc Davis
User level: Level 10
209,547 points

Nov 27, 2012 8:30 PM in response to KL1207

I'm not sure what a Safari extension is


Select Safari Preferences Extensions from the Safari menu bar. If any extensions are installed, that's where they're listed. If the list is not empty, there anything in it you don't recognize?


Java is enabled.


Java should always be considered untrustworthy. Unless you have a need for it, disable it. No Java exploits are known to be circulating at the moment, but I can't promise you that you're not among the first victims of a new one. If you are, then what will probably happen is that it will be identified by security researchers and Apple will then (after some delay) issue an update to remove it and the exploit that enabled it to be installed.


But it's overwhelmingly likely that you don't have a keylogger. Nobody would go to that much trouble just to steal passwords for a game site. The likelihood is that the game vendor's server was hacked -- a common occurrence, unlike client-side Java exploits, which are relatively rare. The post on the message board could be a hoax, or it could be someone trying to deflect blame.

Reply

Keylogger from Runescape scam? Very concerned!

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up