search

objective-see / ReiKey

Malware and other applications may install persistent keyboard "event taps" to intercept your keystrokes. ReiKey can scan, detect, and monitor for such taps!
GNU General Public License v3.0
326 stars 36 forks source link

ReiKey alerting on relatived #21

Open securitygeneration opened 3 months ago

securitygeneration commented 3 months ago

Had ReiKey alert for the first time in a long time, and surprisingly it's alerting on /usr/libexec/relatived

image

I have Ignore Apple Programs checked. Any idea why this is getting caught?

turbostar commented 1 month ago

I have been using Reikey for several years. I have never had a logged event. After installing Sequoia 15.0.1 for the first time I had relatived pop up a day or 2 later under Reikey. The process remained until I restarted. I tracked it using ActivityMonitor and all I saw was that the process remained. The box "Ignore Apple Programs" was already checked in Preferences. I unchecked it and rechecked the box. That was the only warning I have received. If I uncheck "Ignore Apple Programs" and "reScan" Reikey, then I have 5 processes active. Checking the same box again and rescanning yields a blank screen. I have no idea what relatived is. Is this some sort of daemon? As above, it's located in /usr/libexec/relatived.