
Check your MacOS computer for malware and keyloggers «Null Byte :: WonderHowTo



Even if you suspect that your MacOS computer is infected with malware, it can be difficult to know for sure. One way to identify malicious programs is to look for suspicious behavior, such as programs that listen to our keyboard input or launch themselves every time we start up. Thanks to free MacOS tools called ReiKey and KnockKnock, we can detect suspicious programs to find keyloggers and other stubborn malware lurking on our system.

There are many ways in which a keylogger or malware can end up on your MacOS system. It can happen through an infected file, a hacker with a USB Rubber Ducky, or, more likely, a jealous spouse or over-concerned family member trying to track your actions. Ensuring that your communication is not intercepted by anyone is a concern for everyone who appreciates their privacy, but how much malware is there really for MacOS?


Malware for MacOS

Patrick Wardle, a former NSA hacker who creates MacOS security tools, studies malware written for Apple devices. On his website https://objective-see.com/, Patrick hosts live examples of MacOS malware that researchers can study, and the variety of malware discovered in the wild is shocking. A simple search for keyloggers finds five different types of keylogger malware for MacOS devices.

That's a challenge: how do we defend ourselves against all these different types of malware when keyloggers come in five different flavors? Wardle's answer is to search for the behavior of malicious programs such as keyloggers rather than just searching for the programs themselves.

For example, a keylogger taps the flow of events from our keyboard, allowing an attacker to intercept every key the victim types. By seeing each key typed, they can learn account passwords, intercept communications, and more. But to be really effective, these programs must run as soon as we log in to our computer. This means that malicious programs are usually installed persistently, so that the victim does not have to open the malicious file more than once.

ReiKey & KnockKnock can detect new types of malware

First, with ReiKey we can search for one of the most essential features of a keylogger: programs that have tapped our keyboard stream. Looking for keyboard stream access alerts us to all keyloggers that are installed on our system, not just those that are recognized by an antivirus.

Because a keylogger is also installed persistently, we can discover it with another free utility, KnockKnock. When you run KnockKnock, persistently installed programs are divided into easy-to-understand categories. These include the types of programs that malware usually uses to keep running: browser extensions, start items, kernel extensions, and plug-ins.

After scanning your system, KnockKnock identifies each permanently installed item and checks whether it is flagged in VirusTotal.

If a malicious program lurks on your system, you can inspect it by clicking on the "Info" icon to view further details. If you have discovered files that are flagged by VirusTotal and look suspicious, this is a strong indication that your system has been compromised by malware, adware or other malicious and unwanted programs.
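The following added example is not from the original article and is not how KnockKnock itself is implemented. It lists one kind of persistently installed item, launchd jobs in the standard LaunchAgents and LaunchDaemons folders, and shows what each one runs. The `ODD_PREFIXES` review heuristic and the sample jobs are assumptions constructed for the example.

```python
import plistlib
import tempfile
from pathlib import Path
from xml.parsers.expat import ExpatError

# Standard launchd job folders on macOS (per-user and system-wide).
LAUNCH_DIRS = [Path.home() / "Library/LaunchAgents",
               Path("/Library/LaunchAgents"), Path("/Library/LaunchDaemons")]
# Review heuristic assumed for this example; not a rule taken from KnockKnock.
ODD_PREFIXES = ("/tmp/", "/private/tmp/", "/Users/Shared/")

def describe_item(plist_path):
    """Summarise one launchd job: what it runs and whether it starts by itself."""
    try:
        job = plistlib.loads(plist_path.read_bytes())
        if not isinstance(job, dict):
            raise ValueError("plist root is not a dictionary")
    except (OSError, ValueError, ExpatError) as exc:
        # Unreadable job files are reported, not skipped, so they can be inspected.
        return {"plist": plist_path.name, "error": type(exc).__name__}
    args = job.get("ProgramArguments") or []
    program = job.get("Program") or (args[0] if args else None)
    hidden = any(part.startswith(".") for part in Path(program or "").parts)
    return {
        "plist": plist_path.name, "label": job.get("Label"), "program": program,
        # RunAtLoad starts the job when it is loaded (login/boot); KeepAlive restarts it.
        "autostart": bool(job.get("RunAtLoad")) or bool(job.get("KeepAlive")),
        "review": program is None or hidden or program.startswith(ODD_PREFIXES),
    }

def list_persistent_items(dirs=LAUNCH_DIRS):
    """Collect every launchd job definition found in the given folders."""
    return [describe_item(p) for d in dirs if Path(d).is_dir()
            for p in sorted(Path(d).glob("*.plist"))]

def build_sample_dir():
    """Write constructed sample jobs to a temp folder so the example runs anywhere."""
    d = Path(tempfile.mkdtemp())
    samples = {
        "com.example.updater.plist": {"Label": "com.example.updater", "RunAtLoad": True,
            "ProgramArguments": ["/Applications/Example.app/Contents/MacOS/updater"]},
        "com.example.helper.plist": {"Program": "/Users/Shared/.cache/helper", "KeepAlive": True},
    }
    for name, job in samples.items():
        (d / name).write_bytes(plistlib.dumps(job))
    (d / "broken.plist").write_bytes(b"not a plist")
    return d

if __name__ == "__main__":
    print(*list_persistent_items([build_sample_dir()]), sep="\n")
```

Calling `list_persistent_items()` with no arguments on a Mac reads the real folders; an item marked `review` is only a prompt to look closer, not a verdict.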

Let's test these programs and see what we can find on our Mac.

What you need

To use KnockKnock and ReiKey, you need an up-to-date MacOS system to install them on. You also need an internet connection and a browser to download the installation programs.

Step 1: Download Tools from Objective-see.com

First navigate to the product page for ReiKey on Objective-see.com and look for the download link under the ReiKey icon at the top left of the page.

Download and unpack the installer. Double-click the "ReiKey Installer.app" file to start the installation program.

Step 2: Install ReiKey

When the installation program opens, click the "Install" button to install ReiKey on your MacOS system.

Once the installation is complete, you can click "Next" to close the installation program. You should now have a ReiKey icon in your menu bar that gives you access to the app's preferences.

Click on the ReiKey icon in the menu bar and then click on the "Preferences" button. This opens the configuration options, where you can set whether to run the program when logging in, whether to run with an icon in the status bar, and whether to ignore Apple's programs during scanning.

