Keystroke Logger Question

[User24]

I have a macbook and accidentally went to a website that put up scareware with a pop up and I couldn't force quit so I had to click ok and then force quit, re open, and then quit the tab. Did I get a keystroke logger or any type of virus from just clicking ok? I didn't see anything downloading if that helps. Thanks

update- The website was mconnel.com I found out by going back to the link and it redirected me to a different website.

 

[baburajiv2007]

I dont really think so.
May I ask which site you were browsing?

And for the future, if you are using chrome, i'd recommend you to use adblock plugin, to block out all the ads.
Its available for almost all the browsers, I believe.

 

[User24]

I dont really think so.
May I ask which site you were browsing?

And for the future, if you are using chrome, i'd recommend you to use adblock plugin, to block out all the ads.
Its available for almost all the browsers, I believe.

Gotcha, I was going on a website for an ebook and typed in mcconnel.com but it took me to a place that was www.-cm.com. I get really paranoid haha

 

[WyomingKnott]

Are you running security software? Or does the OS have that built-in and my question shows that I am an ignorant PC bigot?

 

[mcnumpty23]

think the myth that macs arent vulnerable has long been shattered--install security software

 

[User24]

Are you running security software? Or does the OS have that built-in and my question shows that I am an ignorant PC bigot?

I think it has some sort of OS security but I also have Avast

 

[User24]

think the myth that macs arent vulnerable has long been shattered--install security software

I do have Avast but will it protect me from a keystroke logger?

 

[eatmypie]

Normally with scareware there isn't much to worry about as long as you didn't fall for anything like buying fake software, or click on something to download truly malicious code. So I'm pretty sure it just was a low level threat that only targeted your browsers java to try to trick you into buying or clicking on something, as long as you didn't agree or clicked on anything you are most likely not infected. Just clear your browser of cookies,history etc... You should be good.

 

[User24]

Normally with scareware there isn't much to worry about as long as you didn't fall for anything like buying fake software, or click on something to download truly malicious code. So I'm pretty sure it just was a low level threat that only targeted your browsers java to try to trick you into buying or clicking on something, as long as you didn't agree or clicked on anything you are most likely not infected. Just clear your browser of cookies,history etc... You should be good.

Cool, thanks! The only thing I clicked was ok a couple of times after it kept repeating the same message. Was that ok? Thanks for the reply!

 

[eatmypie]

Do you remember what the pop ups said when you clicked okay?

 

[User24]

Do you remember what the pop ups said when you clicked okay?

I don't remember but it was just saying all of these things that could happen with the "Virus" I have. Once I clicked ok it just kept popping up over and over again. So I'm assuming it wasn't downloading anything if it just kept coming up. When I checked chrome for downloads there wasn't anything either and was never asked to install anything. Thanks for helping me out!

 

[eatmypie]

Yeah you should be fine, I did a little bit of the java script on the site while also monitoring other things in my work VM that I use for malware analysis, it didn't download anything make any changes to the registry, phone out to any servers, nothing. The only thing it did was launch a piece of java to spawn that window with the scareware popup. I'm also pretty sure that website is just simply meant to just be used as a redirect website because most of the time with websites like this I've noticed that they all use the robots.txt so they can't get their website crawled. If you want a good example of this just Google .SU and you will notice tons of websites that have that same characteristic because SU is no longer being used for anything legitimate anymore.

 

[User24]

Yeah you should be fine, I did a little bit of the java script on the site while also monitoring other things in my work VM that I use for malware analysis, it didn't download anything make any changes to the registry, phone out to any servers, nothing. The only thing it did was launch a piece of java to spawn that window with the scareware popup. I'm also pretty sure that website is just simply meant to just be used as a redirect website because most of the time with websites like this I've noticed that they all use the robots.txt so they can't get their website crawled. If you want a good example of this just Google .SU and you will notice tons of websites that have that same characteristic because SU is no longer being used for anything legitimate anymore.

Thank you so much man. I really appreciate you doin that for me!