I got keylogged. Was it Key Clone?

[Vyndree]

Also, I'm surprised nobody mentioned this...

WHERE did you buy keyclone? If it's anything other than solidice.com/keyclone, you've got yourself a lovely keylogger with its owned cracked illegal version of keyclone.

Do a virus scan, go contact a GM either on the forums or in-game immediately, change your account password/email address password (particularly if they share the same password) from a CLEAN computer, don't log into ANYTHING on the infected computer, and get yourself cleaned up asap.



The OP is right at least in one part -- everyone ought to be careful and smart about what they install so that they can protect themselves from hackers/keyloggers. Tying the reason for the hack to keyclone seems to be a bit of a stretch, but reasonable if you've got yourself an illegal cracked version.

Here's my community service message: Don't download cracked software



In finality, I know of no person who purchased keyclone legally to have gotten any viruses/keyloggers from that program. More likely, they were downloading "other" various things or sharing their account information with goldfarmers/powerlevelers/not-so-good friends. Or they just like clicking the "The girl is so sex! Which girl you like? I like the secone" links on the wowforums.

[tooboxinit]

I dont know about keylogging but i know keyclone gave me a virus!! I downloaded it and now it burns when i pee!! darn you keyclone!!

[mtp1032]

KeyClone != Keylogger.

Anyone wanna bet this guy logged into one account, then logged into the 2nd account with keyclone active and broadcast his username and password to Shattrah?

Great advice!!!! This actually happened to me. I caught it in time, but had I not been paying attention the world would have known of my account name and password. Now, I never run Keyclone in the background and always start it up AFTER starting up my toons.

Cheers,

[tooboxinit]

another thing is that you should be using the feature on keyclone where it opens all your wow windows with the user names inputed already, i only have to type in my password when i start my accounts, even if i did accidently spam that in the world, impossible, people woulnt knpow my account names anyhow. I put in my password into my accounts then i dont log any chars in untill all 3 are sitting at the char select screen.
and it still burns when i pee from the keyclone virus

[Damian]

The OP is right at least in one part -- everyone ought to be careful and smart about what they install so that they can protect themselves from hackers/keyloggers. Tying the reason for the hack to keyclone seems to be a bit of a stretch, but reasonable if you've got yourself an illegal cracked version.

Here's my community service message: Don't download cracked software

Vyndree is right, although I do concede one point to the OP. Just as with downloading cracked software, anytime you use an application that requires external authentication to run, you're potentially exposing yourself to having such data captured. Even with encryption schemes, if a determined troublemaker parses out the encrypted password from the stream, those same encrypted credientials can be spoofed in communication to that site or service by another party.

This information is protected by private businesses & large corporations because it would destroy their business to violate the trust of their users. People catch on and will stop using a site or service. The same applies to small entrepreneurs like KeyClone. If their software is going to be a keylogger they better be grabbing and exploiting everyone's encrypted credentials simultaneously, because word would get out very quickly and the long-term opportunity cost is forgoing any future sales or role in the community. In my mind that makes an intentional keylogging functionality built into the product an unlikely prospect.

Expanding on the idea of propagating secured credentials in an uncontrolled matter... Since pretty much everything we do online (such as this message board, paypal, worldofwarcraft, your email) requires you to provide this information you should not only change your passwords periodically, but also make your passwords distinct and unique from one another! Changing your passwords once a month is useless if all your accounts, services, and memberships all use the same password rotation. Also consider Vyndree's advice as golden: Cracking, is, by its nature, a manipulation of an executable process. If one can manipulate it to free it from requiring security/they can easily manipulate it to do other things as well.

[Xar]

I almost broadcast my username and password in regular chat when I first started too. If you're sure your system is totally clean then that might have been what happened.

Before I ever installed Keyclone I did a number of searches through Google trying to find if anyone reported anything fishy with it and could not find anything negative. Been using it for months now.

[Otlecs]

Anyone wanna bet this guy logged into one account, then logged into the 2nd account with keyclone active and broadcast his username and password to Shattrah?

Having done that myself at the very beginning, I'll put a few beer tokens on that being the case!!!

Fortunately, I was quick enough to realise what I'd done (the WoW in question was minimised) and no damage was done

[BGuru]

I don't believe Keyclone is a keylogger, at least the legit version of the program.
Kaspersky AV did identify the program as a keylogger but I believe that was because it was sending keys to my other computer and I just added the exe to be trusted.

[sikerdebaard]

Behold Keyclone, the root of all evil!

Actualy, some Virus / Adware scanners might detect KC as a keylogger, but this is probably due to it using some hooks that most keyloggers use. Ex. a global keyboard hook.

[Drakkun]

If you are ever unsure about an exe that you've downloaded, try uploading it to this website http://virusscan.jotti.org. It will scan the file with several different virus/malware scanners and let you know if its infected.