Results 1 to 5 of 5

Thread: Compromised Mac

  1. #1


    Member Since
    Feb 11, 2014
    Posts
    3
    Compromised Mac
    Hopefully the post monitor snobs allow this to be posted in this forum. I can't post it to Security Awareness.

    I recently had to reinstall everything on my Mac Book Pro and iPhone because I had thought I picked up a keystroke logger virus from a link I cut and paste into Safari from a troll box on a crypto coin trading site. Short of the shady management and operations of the site owner and admins the crypto coin exchange site will remain unnamed. The reason I think I had a logger is because, I was logged into the crypto exchange and someone was able to log into my account and boot me off while I was logged in. They started to sell off my crypto coins. So to be safe I backed up necessary files and wiped my hard drive clean with a reinstall of both my Mac Book Pro and my iPhone. Is there a way to double check my Mac is clean and how do I use my Mac to double check thumb drives that are potentially infected. I want to make sure my laptop is clean before I plug in my iPhone and co-mingle everything again. Thank you.

  2. #2

    Slydude's Avatar
    Member Since
    Nov 15, 2009
    Location
    North Louisiana, USA
    Posts
    10,319
    Specs:
    2.8 GHz MacBook Pro 10.11, 8 GB mem, iPhone 6+
    Not sure why you couldn't post this here or what is meant by "post monitor snobs". The site was a little balky when I tried to move the post so maybe things are being a bit slow tonight.

    As far as your question is concerned I'll have to leave a thorough answer to folks more well-versed in this area than I am. One possibility that occurs to me is that the password wasn't swiped by a key logger on your Mac but by other means such as gaining the information from the site you were going to or via a "man in the middle attack".
    Sylvester Roque Former Contributing Editor About This Particular Macintosh

    "Got Time to breathe. You got time for music." Denver Pyle as Briscoe Darling

  3. #3


    Member Since
    Jan 22, 2010
    Location
    Victoria, BC
    Posts
    20,911
    Specs:
    Mid-2012 MBP (16GB, 1TB HD), Monoprice 24-inch second monitor, iPhone 5s 32GB, iPad Air 2 64GB
    1. Malware ≠ virus.

    2. I suspect this covers exactly what happened to you: Briefly: Thunderbolt RAID storage, OS X Bitcoin Trojan Horse theft | Electronista (scroll down a bit)

    3. Trojans are also not viruses.

  4. #4


    Member Since
    Feb 11, 2014
    Posts
    3
    fix?
    So how do I fix my problem? I did what I thought was a complete reinstall of my os. I'm still experiencing problems at the exchanges and other areas. This problem is really frustrating and a huge impairment. The problems I'm experiencing are logins at Cryptsy. I have also experienced the same problem at MTGox with their "green" address bar. There is a green security text that is supposed to appear in the address bar. The green text is not always present which leads me to think the trojan is still present or I'm part of some sort of man in the middle attack. What are some of the other possibilities and fixes to the problems I'm having. Most important what are my fix options. Mirroring?

  5. #5

    bobtomay's Avatar
    Member Since
    Dec 22, 2006
    Location
    Texas, where else?
    Posts
    26,485
    Specs:
    15" MBP '06 2.33 C2D 4GB 10.7; 13" MBA '14 1.8 i7 8GB 10.11; 21" iMac '13 2.9 i5 8GB 10.11; 6S
    Quote Originally Posted by DragerMAC View Post
    ... The problems I'm experiencing are logins at Cryptsy.
    What sort of problem?
    If someone has guessed your password and logged into your account, have you used the 'Forgot Password' link in the log in box to have your password reset and have an email sent to you?

    If someone did guess your password - wiping your machine would do nothing to cause them to forget that password.

    I have also experienced the same problem at MTGox with their "green" address bar. There is a green security text that is supposed to appear in the address bar. The green text is not always present ...
    I've run into very few sites that have "every" page on their site encrypted. You would need to ask MTGox about any particular pages and whether they should be appearing encrypted.
    I cannot be held responsible for the things that come out of my mouth.
    In the Windows world, most everything folks don't understand is called a virus.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. I've had my emails compromised but no idea how
    By photomegus in forum OS X - Operating System
    Replies: 4
    Last Post: 01-16-2015, 04:46 PM
  2. Account /Apple ID compromised
    By domlanic in forum OS X - Apps and Games
    Replies: 10
    Last Post: 10-31-2014, 01:05 PM
  3. My OS X 10.9.1 seems compromised.
    By PaulRanger1 in forum OS X - Operating System
    Replies: 8
    Last Post: 03-08-2014, 08:17 PM
  4. Is my Mac compromised?
    By pannix in forum OS X - Operating System
    Replies: 6
    Last Post: 09-18-2013, 12:30 PM
  5. Compromised ipod:
    By Driver in forum iOS and Apps
    Replies: 2
    Last Post: 12-30-2009, 08:34 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •