Hackers Exploit MacKeeper Flaw To Spread OS X Malware

An anonymous reader writes: Controversial OS X 'clean-up utility' MacKeeper is being exploited by cybercriminals to diffuse Mac malware OSX/Agent-ANTU, according to the BAE cyber security unit. A single line of JavaScript on a malicious web-page is enough to hand over control of the user's system via MacKeeper. Lead security researcher Sergei Shevchenko said 'attackers might simply be 'spraying' their targets with the phishing emails hoping that some of them will have MacKeeper installed, thus allowing the malware to be delivered to their computers and executed,' The malware enables remote control over commands, uploads and downloads, and the setting of execution permissions, as well as granting access to details of VPN connections, user names, and lists of processes and statuses.

wow, the joke is not really a joke

[sribe]

So the first thought I had on reading the title was the predictable joke about MacKeeper being malware. But from reading the article, it sounds to me like MacKeeper installs a custom URL handler, which directs to a process that they installed which parses a command script from the URL and executes it. So, a component which allows any web site to run code outside your browser. That's malware, not in the sarcastic "less-than-useless" sense, but in the literal "actively installs attack vectors" sense.