Patrick Wardle, a former NSA hacker who in recent years has become the de-facto expert on everything Mac malware, has created and released a Mac app that can detect certain types of macOS keyloggers.
Named ReiKey , Wardle created and released this new app towards the end of 2018, as the researcher started looking into the inner workings of macOS keyloggers.
“The majority of macOS malware that contains keylogger logic (to capture keypresses) does so via CoreGraphics ‘event taps’,” said Wardle.
ReiKey was specifically created to work around this common keylogger design pattern. Wardle’s app works by continuously scanning the operating system for newly registered CoreGraphics event taps.