I believe you have the story slightly incorrect. A hacker exploited a vulnerability in an old version of Plex that had not been updated despite multiple prompts. Plex didn’t install a key logger.