Even if you suspect that your MacOS computer is infected with malware, it can be difficult to know for sure. One way to identify malicious programs is to look for suspicious behavior, such as programs that listen to our keyboard input or launch themselves every time we start up. Thanks to free MacOS tools called ReiKey and KnockKnock, we can detect suspicious programs to find keyloggers and other stubborn malware lurking on our system.
There are many ways in which a keylogger or malware can end up on your MacOS system. It can happen through an infected file, a hacker with a USB Rubber Ducky, or, more likely, a jealous spouse or over-concerned family member trying to track your actions. Ensuring that your communication is not intercepted by anyone is a concern for everyone who appreciates their privacy, but how much malware is there really for MacOS?
Malware for MacOS
Patrick Wardle, a former NSA hacker who creates MacOS security tools, studies malware written for Apple devices. On his website https://objective-see.com/, Patrick hosts live examples of MacOS malware that researchers can study, and the variety of malware discovered in the wild is shocking. A simple search for keyloggers finds five different types of keylogger malware for MacOS devices.
That's a challenge: how do we defend ourselves against all these different types of malware when keyloggers come in five different flavors? Wardle's answer is to search for the behavior of malicious programs such as keyloggers rather than just searching for the programs themselves.
For example, a keylogger taps the flow of events from our keyboard, allowing an attacker to intercept every key the victim types. By seeing each key typed, they can learn account passwords, intercept communications, and more. But to be really effective, these programs must run as soon as we log in to our computer. This means that malicious programs are usually installed permanently, so that the victim does not have to open the malicious file more than once.
ReiKey & KnockKnock can detect new types of malware
First, with ReiKey we can search for one of the most essential features of a keylogger: programs that have tapped our keyboard stream. Looking for keyboard stream access alerts us to all keyloggers that are installed on our system, not just those that are recognized by an antivirus.
Because a keylogger is also installed permanently, we can discover it with another free utility, KnockKnock. When you run KnockKnock, permanently installed programs are divided into easy-to-understand categories. These include the types of programs that malware usually uses to keep running: browser extensions, start items, kernel extensions, and plug-ins.
After scanning your system, KnockKnock identifies each permanently installed item and checks whether it is flagged in VirusTotal.
If a malicious program lurks on your system, you can inspect it by clicking on the "Info" icon to view further details. If you have discovered files that are flagged by VirusTotal and look suspicious, this is a strong indication that your system has been compromised by malware, adware or other malicious and unwanted programs.
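The persistence check described above can be illustrated with launchd job definitions, one of the places where macOS programs register to start automatically. This is an added example, not KnockKnock's code and not part of the original article: it parses launchd property lists and applies two illustrative heuristics (hidden executables, programs in shared or temp directories); the sample plists, labels and paths are constructed, and no VirusTotal lookup is performed.

```python
import plistlib
import tempfile
from pathlib import Path

# Standard launchd directories on macOS; pass these to audit_launch_items() on a real Mac.
LAUNCH_DIRS = ["/Library/LaunchAgents", "/Library/LaunchDaemons", "~/Library/LaunchAgents"]
# Illustrative heuristic (an assumption, not KnockKnock's logic): paths any user can write to.
WRITABLE_PREFIXES = ("/tmp/", "/private/tmp/", "/Users/Shared/")

def audit_launch_items(directories):
    """Return one record per launchd job definition found in the given directories."""
    records = []
    for directory in (Path(d).expanduser() for d in directories):
        if not directory.is_dir():
            continue
        for path in sorted(directory.glob("*.plist")):
            record = {"file": path.name, "label": None, "program": None, "autostart": False, "flags": []}
            records.append(record)
            try:
                with path.open("rb") as fh:
                    job = plistlib.load(fh)
                program = job.get("Program") or next(iter(job.get("ProgramArguments") or []), None)
            except Exception:  # malformed file, non-dict root, or odd ProgramArguments type
                record["flags"].append("unparseable or malformed plist")
                continue
            record.update(label=job.get("Label"), program=program,
                          autostart=bool(job.get("RunAtLoad") or job.get("KeepAlive")))
            if isinstance(program, str) and Path(program).name.startswith("."):
                record["flags"].append("hidden executable")
            if isinstance(program, str) and program.startswith(WRITABLE_PREFIXES):
                record["flags"].append("runs from shared or temp directory")
    return records

def build_sample_dir():
    """Write constructed sample plists to a temp directory so the audit runs anywhere."""
    root = Path(tempfile.mkdtemp())
    jobs = [{"Label": "com.example.updater", "RunAtLoad": True,
             "Program": "/Applications/Example.app/Contents/MacOS/updater"},
            {"Label": "com.example.helper", "KeepAlive": True,
             "ProgramArguments": ["/Users/Shared/.helper", "--daemon"]}]
    for job in jobs:
        (root / (job["Label"] + ".plist")).write_bytes(plistlib.dumps(job))
    (root / "broken.plist").write_bytes(b"not a plist")
    return root

if __name__ == "__main__":
    print(*audit_launch_items([build_sample_dir()]), sep="\n")
```

On a Mac, calling `audit_launch_items(LAUNCH_DIRS)` lists the real launch items; a flag is a reason to look closer at an item, not proof that it is malicious.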
Let's test these programs and see what we can find on our Mac.
What you need
To use KnockKnock and ReiKey, you need an up-to-date MacOS system to install them on. You also need an internet connection and a browser to download the installation programs.
Download and unpack the installer. Double-click the "ReiKey Installer.app" file to start the installation program.
Step 2: Install ReiKey
When the installation program opens, click the "Install" button to install ReiKey on your MacOS system.