Slashdot Mirror

← Back to Stories (view on slashdot.org)

MacKeeper Discloses 13 Million Mac Users' Details With Poor Hash Protection (mackeeper.com)

Posted by Soulskill on from the of-barn-doors-and-horses dept.

An anonymous reader writes: Mac security software suite MacKeeper is recovering after a hack leaked millions of users' personal information. Kromtech, the software developer, confirmed that it had received notice of the hack yesterday, discovering a hole in its security which was exposing customer usernames, email addresses and other personal data for as much as 13 million users. The hole was patched within a matter of hours after security researcher Chris Vickery had published details of the error over the weekend. Vickery, who had been unfamiliar with both MacKeeper and Kromtech, explained that he had discovered the security fault by browsing the connected devices search engine Shodan.io.

72 comments

  1. So MacKeeper is actually real?!? by pipedwho · · Score: 4, Insightful

    With the amount of "MacKeeper" subterfuge style pop-up ads that appear all over the place, I've always assumed that it was a scam. Kind of like the random calls you get from India saying your Windows machine has a virus - even if you don't use Windows.

    1. Re:So MacKeeper is actually real?!? by Anonymous Coward · · Score: 1

      My mother recently phoned me to ask me to come over for a roast dinner, and by the way, her mac wasn't working right. I found the problem to be some borderline-ware called "mackeeper" to be the problem. Basically, this is a suite of technical utilities that are of borderline value on a modern computer, and on balance, are probably worse than just running a bare OS.

      So, I uninstalled it, and the system started running fine; nice and responsive, etc.

      This lasted a couple of hours, until I hear shouting, "where is my mackeeper?".
      "I uninstalled it, it's the cause of the problems"
      "Put it back, it's very expensive"...

      Sure enough, it has a month-by-month subscription price plan, and long contracts.

    2. Re:So MacKeeper is actually real?!? by Anonymous Coward · · Score: 1

      It exists, but its total crapware.

    3. Re:So MacKeeper is actually real?!? by Anonymous Coward · · Score: 1

      It is a scam, just a different one than you thought. Just look at their web page for what they offer. 11 of the 16 "apps" are built in to Mac OS X. They sell you someone else's AV engine that you can get for free. That leaves a duplicate file finder, a temp/junk cleanup, "smart uninstaller" and an app that makes sure your 3rd party apps are up to date.

    4. Re:So MacKeeper is actually real?!? by PhunkySchtuff · · Score: 2

      Ah, the old Sunk Costs Fallacy.
      My brother in law had a similar issue on his Windows laptop. I determined the cause to the the crap antivirus he was running (either Nortons/Symantec or McAfee).
      Told him that it was causing the problem and I was going to uninstall it.
      He wouldn't let me because he'd just renewed the subscription for it, so still had 10 months to go.

      In hindsight, it was one of the best decisions he made, as from that point forwards I had a valid reason to refuse any computer support whatsoever.

      --
      Specialist Mac support for creative pros, Melbourne
    5. Re:So MacKeeper is actually real?!? by Ol+Olsoc · · Score: 1

      With the amount of "MacKeeper" subterfuge style pop-up ads that appear all over the place, I've always assumed that it was a scam. Kind of like the random calls you get from India saying your Windows machine has a virus - even if you don't use Windows.

      Yes - MacKeeper is for all intents and purposes, Malware. Avoid at all costs.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    6. Re:So MacKeeper is actually real?!? by speedlaw · · Score: 2

      I get those windows calls frequently. I always mention that I was attempting to download some porn, and it didn't load. They want to help. I describe the (fictional) porn in detail. Surprisingly, many of the scammers have a real problem with an amy schumer-ese description. Fun times, and the longer I keep them on the phone, the less time they have to scam a real potential target. I once had to mention that I didn't have a windows key, I have some sort of apple icon on my keyboard....at the ten minute mark.

    7. Re:So MacKeeper is actually real?!? by Anonymous Coward · · Score: 0

      Installing homebrew and some basic UNIX tools will give you the same functionality for a lot less cash. Only thing that isn't free is an AV program... but other than for the checkbox or legal eagle stuff, AV isn't needed much on any platform these days.

    8. Re:So MacKeeper is actually real?!? by Anonymous Coward · · Score: 0

      On a Windows system, and an educated user? Most certianly I'd agree. The average user running IE however? I've dealt with 4 Cryptolocker & similar infections this year alone. Got the PC, and the network shares each time. Thankfully 1 had a crappy Windows backup running that somehow ran once a week, ad overwrote each time. We were on day 6 when they called. Two of the others had proper backups, but they lost a few days work in the process. The last one was a cheapass, didn't rotate backups (they PAID for the second set of drives which were sitting there blank), didn't call until a week in when their backups were of just encrypted files since they were so cheap their backups drives weren't very big, and didn't want to pay for offsite backups. Their cheapness cost them 3.5BTC, and a few days of downtime while they wrangled with the issue.

    9. Re:So MacKeeper is actually real?!? by KGIII · · Score: 1

      No, my niece's kid isn't old enough to be fixing the computer. *sighs* I am not a Mac user but my niece, bless her, wanted and got a Mac. This has meant many calls to help fix her Mac. I don't know anything about them. One of the first issues was MacKeeper but I managed to figure that one out.

      She wanted to install AV (no, I do not know why) and MacKeeper would not let her. So, this went around for a while and finally I figured out MacKeeper wasn't Mac software. It took a bit of Google-fu and a few phone calls.

      --
      "So long and thanks for all the fish."
    10. Re:So MacKeeper is actually real?!? by AmiMoJo · · Score: 1

      Bonus points for effort. I usually just tell them "oh yes, I'm glad you called, let me just put you on hold for a sec while I run down to the office, takes two minutes", hit mute and see how long it takes them to realize I'm not coming back. My record so far is 8:37.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    11. Re:So MacKeeper is actually real?!? by Anonymous Coward · · Score: 0

      There are many free antivirus programs out there. Mackeeper's licensed engine, Avira, offers one for free on Macs as well.

    12. Re:So MacKeeper is actually real?!? by macs4all · · Score: 1

      No, my niece's kid isn't old enough to be fixing the computer. *sighs* I am not a Mac user but my niece, bless her, wanted and got a Mac. This has meant many calls to help fix her Mac. I don't know anything about them. One of the first issues was MacKeeper but I managed to figure that one out.

      She wanted to install AV (no, I do not know why) and MacKeeper would not let her. So, this went around for a while and finally I figured out MacKeeper wasn't Mac software. It took a bit of Google-fu and a few phone calls.

      Tell her to stop thinking of her Mac as just a Windows machine with a different Logo, and she'll be fine. And then set her up with a nice, NON-ADMIN User Account, so she can stop ruining her own System by installing A/V CRAP that Mac Users simply don't need.

      Then, for bonus points, Enable VNC (Screen Sharing) on her Mac (and Port-Forward Port 5900 to her machine), then YOU can log in with any VNC Client and Install stuff for her in a more, um, "controlled" manner...

    13. Re:So MacKeeper is actually real?!? by macs4all · · Score: 1

      MacKeeper is for all intents and purposes, Malware. Avoid at all costs.

      ALL OS X "Anti-Malware" software is for all intents and purposes, Malware. Avoid at all costs.

      FTFY.

    14. Re:So MacKeeper is actually real?!? by KGIII · · Score: 1

      I don't like her that much. She has that Apple Care, extended stuff, now. ;-) I like her *that* much.

      --
      "So long and thanks for all the fish."
    15. Re:So MacKeeper is actually real?!? by macs4all · · Score: 1

      I don't like her that much. She has that Apple Care, extended stuff, now. ;-) I like her *that* much.

      LOL, Ok!

      I just know how we all get roped-into those "Family Tech-Support" gigs... ;-)

    16. Re:So MacKeeper is actually real?!? by KGIII · · Score: 1

      I am only a little smarter than that. I did, for a spell, end up being the computer guy for an entire small NW Maine town - including helping an elementary school's IT guy out. It's easier to just buy 'em stuff that works. :/ Considering what my time is worth, at least to me, it's quite possibly cheaper.

      --
      "So long and thanks for all the fish."
    17. Re:So MacKeeper is actually real?!? by Anonymous Coward · · Score: 0

      In hindsight, it was one of the best decisions he made, as from that point forwards I had a valid reason to refuse any computer support whatsoever.

      You're saying he benefited from you not tinkering with his Mac anymore?

  2. Bad summary, no hack involved by PRMan · · Score: 3, Insightful

    FTA:

    ‘The data was/is publicly available. No exploits or vulnerabilities involved. They published it to the open web with no attempt at protection,’ Vickery wrote in a Reddit post. He noted that Kromtech was alerted and was able to quickly patch the vulnerability.

    There was no need for a hack because it was published to the open web!

    --
    Peter predicted that you would "deliberately forget" creation 2000 years ago...
    1. Re:Bad summary, no hack involved by zlives · · Score: 2

      in the world where the ability to google equates to technical knowledge... reading is hacking.

  3. Big news by antifoidulus · · Score: 5, Funny

    This is really big news, 13 million Mac users were gullible enough to buy MacKeeper!

    --
    Monstar L
    1. Re:Big news by bughunter · · Score: 1

      I suspect the database wasn't all paying customers, but also ex-customers and anyone who created a username::password combo, and maybe even contact lists purchased from other equally shady sites.

      --
      I can see the fnords!
    2. Re:Big news by Anonymous Coward · · Score: 0

      That's not news. Look how many people are voting for republicans, and democrats.. They're a bunch of idiots! MacKeeper was made for them... I betcha that weirdo apk is responsible. This is right up his/her "alley".. if you get my drift...

    3. Re:Big news by plover · · Score: 2

      This is really big news, 13 million Mac users were gullible enough to buy MacKeeper!

      Just think how valuable that list really is. Those are people who are proven dumb enough to spend money on MacKeeper. If you had a copy and sent them just one or two mailings, you could probably get most of them to buy homeopathic medicines, copper bracelets, crystal pendants, and maybe donate to your Church of Perpetual Income.

      Come to think of it, maybe that's MacKeeper's biggest revenue stream: renting out their list of proven suckers.

      --
      John
    4. Re:Big news by ruir · · Score: 3, Insightful

      Gullible in an understatement. Buying something that spams you opening their website while opening other pages, or with adverts get your Mac "faster" is so stupid that beggars belief. mackeeper site used to be pinnned to 127.0.0.1 in my hosts file, and nowadays is black holed in my DNS server.

    5. Re:Big news by Bing+Tsher+E · · Score: 1

      I'm shocked that there are actually 13 million Mac users. How are they supposed to feel elite and stuff if there are that many of them.

      Apple: you need to raise the prices some more.

    6. Re:Big news by Anonymous Coward · · Score: 0

      I'm shocked that there are actually 13 million Mac users. How are they supposed to feel elite and stuff if there are that many of them.

      Apple: you need to raise the prices some more.

      There are only a million Mac users - the other 12 million are PC users who downloaded the software because an ad told them to.

    7. Re:Big news by macs4all · · Score: 1

      I'm shocked that there are actually 13 million Mac users. How are they supposed to feel elite and stuff if there are that many of them.

      Apple: you need to raise the prices some more.

      Then I guess you'd be apoplectic to learn that, as of 2012 (the most recent figure I could find), there are actually 60 million Mac users worldwide.

    8. Re:Big news by Bing+Tsher+E · · Score: 1

      I've downloaded Mac.... stuff. I've not put in the time yet to get it to run on Virtual Box.

  4. Re:Welcome to the game, Apple by Anonymous Coward · · Score: 0

    How is MacKeeper Apple's tech? Did I miss something here?
     
    It's certainly not the first data leak from the an Apple platform but MacKeeper has as much to do with Apple as Symantec has to do with Microsoft.
     
    Don't be one of those asshats that blame someone because of what a third party manufacturer fucked up.

  5. Big Deal! by Cornwallis · · Score: 1

    I almost mean that. Over the weekend I received a marketing email from our electric utility - Green Mountain Power - detailing their new program to provide Tesla Powerwalls to interested customers as part of a new program.

    The problem was instead of blind copying the HUNDREDS OF RECIPIENTS they included all our email addresses in the TO: field exposing our names & addresses to everyone who got the message (in violation of their own Privacy Policies). I replied, basically asking them "WTF?" and wondered if they were as careless with their SCADA systems...

    The response I got from one of their marketing droids was classic:

    "Thanks so much for your email about our mistake in not bcc’ing our Tesla email list. We are very excited about the offering and made a mistake in the way we communicated with you all with the latest news. I tried to give you a call this afternoon to apologize and chat with you about it.

    "Would love to connect, please let me know when might be a good time and way to reach you.

    "All the best,
    Betsy"

    I asked her why on earth I would want to "connect" with her and, well, I haven't heard back... not that I expect to.

    My point being - this carelessness, lack of concern about privacy, haphazard security all has led me to all but abandon the web which is depressing considering my job IS, for the most part, web-oriented. Not at home any more. And I'm slowly but surely extricating all my online persona since nobody seems to do it right and I'm tired of preaching about it to people who don't give a shit. And why should they? There are no consequences.

    There. I feel much better now.

    1. Re:Big Deal! by Anonymous Coward · · Score: 0

      I asked her why on earth I would want to "connect" with her and, well, I haven't heard back..

      She may have been offering a free shot at some shagworthy firecrotch, you ought to call her back.

    2. Re:Big Deal! by KGIII · · Score: 1

      She's got Down's from the look of her fivehead.

      --
      "So long and thanks for all the fish."
    3. Re:Big Deal! by omnichad · · Score: 1

      I replied, basically asking them "WTF?" and wondered if they were as careless with their SCADA systems...

      I'm sure it would have taken down your email for an afternoon, but you should have just replied-all to get the ball rolling.

    4. Re:Big Deal! by The-Ixian · · Score: 1

      As a contractor at some big companies, it was always fun to watch the reply-all to HUGE distribution lists.

      The mix of confusion, frustration and attempts at control as everyone replied to all was always an afternoon's worth of entertainment.

      --
      My eyes reflect the stars and a smile lights up my face.
    5. Re:Big Deal! by omnichad · · Score: 1

      I'm surprised that internal email systems don't have a method of shutting down "Reply-All Storms" (I coined a phrase! Tee he!). All you'd have to do is put a filter on the Message-ID and any email that's in reference to it with more than one recipient could be deleted (with an email back to the original sender saying so).

  6. Re:Welcome to the game, Apple by Anonymous Coward · · Score: 0

    Which Apple hardware or software was targeted in this case?

  7. Surprised at those numbers... by Anonymous Coward · · Score: 0

    Wow, that's a huge number of Mac users. I work as a Mac specialist (have now for over 20 years) and maybe I just do a better job of educating my clients than most, but I would put the number of machines I've actually seen MacKeeper on at under a dozen. Total. Out of many, many hundreds or even thousands of machines I've worked on since it became a threat. That 13 million users would download such an obvious scam is disheartening. Then again, the entire scamware and malware thing wasn't a huge issue on the Mac platform for most of the platform's history. Sure, there were a few things around back in the classic System days, but even those were pretty hard to come by and you didn't encounter them all that often.

  8. So now we know... by Anonymous Coward · · Score: 0

    That YouPorn has at least 13 million users...

  9. Re:Welcome to the game, Apple by Anonymous Coward · · Score: 0

    The DB belonged to MacKeeper, which is one of those scam tune-up scareware programs that you get popups for on pirate bay and porn sites. Any of the compromised accounts were already compromised by virtue of being in MacKeepers DB.

  10. Impressive response by Anonymous Coward · · Score: 0

    with companies like Apple and Microsoft it's often months before they agree to fix and close vulnerabilities. They take Mac security more serious than Apple themselves, which says a lot about Apple...

  11. Ah, a court jester by Anonymous Coward · · Score: 0

    Ah a court jester who doesn't even know that MacKeeper is basically scamware or garbageware.

    I love it when knowledgable people share their comments.

    "I am NOT an Apple user" he says --- no kidding!

  12. Re:Welcome to the game, Apple by Silverhammer · · Score: 1

    That's nonsense. It was just some random site that got hacked. The fact that it happens to be associated with a Mac product is irrelevant. If the news was that purplekittens.com got hacked, would you say "It's a good thing that purple kittens are getting attacked like green dogs have been attacked in the past!"?

  13. Article Correction by redback · · Score: 3, Insightful

    First line should read

    Mac malware vendor Mackeeper

    1. Re:Article Correction by U2xhc2hkb3QgU3Vja3M · · Score: 2

      Do you really want to associate malware vendors with these scumbags?

  14. Re: Welcome to the game, Apple by Anonymous Coward · · Score: 0

    I bet now that you've had time to think about it, you regret this post. But don't! It appears you've won the Duncical Internet Post (DIP) award for Tuesday 15 December. Congratulazioni!

  15. MacKeeper is bad news! by rcase5 · · Score: 2

    I was trying to download LibreOffice and somehow wound up with MacKeeper. The installation process didn't even tell me what it was. Once I realized it was a scam (which didn't take very long), it was a bitch to get rid of! It has processes that would respawn after they were killed. That's not a good sign, especially for something that isn't essential to system functionality. And it kept starting up on boot-up even if you moved it to the trash. You had to empty the trash and remove some files in Library in order to totally get rid of it.

    I'm almost thinking this is a planted story (not on /. part) so they look legit and people keep MacKeeper on their systems. I agree with others, 13 million sounds very high. They have some brass balls!

    1. Re:MacKeeper is bad news! by Anonymous Coward · · Score: 0

      Why were you trying to download LibreOffice from a porn site?

    2. Re:MacKeeper is bad news! by U2xhc2hkb3QgU3Vja3M · · Score: 2

      I think he downloaded LibreOrifice by mistake.

    3. Re:MacKeeper is bad news! by Anonymous Coward · · Score: 0

      Probably tried to download it from DICE subsidiary SourceForge.

    4. Re:MacKeeper is bad news! by michelcolman · · Score: 1

      I had a similar experience after downloading a bittorrent client. Start installation, continue, agree to the terms, continue, location of the installation, continue, continue, optional installation of MacKeeper, continue,... Hey, why do I suddenly have MacKeeper on my system? I uninstalled it right away, which indeed wasn't straightforward.

  16. Re:Welcome to the game, Apple by Anonymous Coward · · Score: 0

    MacKeeper is scam ware that has been around a long time, its not new.

    I'm staggered they got 13 million users

  17. MacKeeper?! Holy shit! by fustakrakich · · Score: 1

    I thought they were some spyware thing. Who the hell is using that?

    --
    “He’s not deformed, he’s just drunk!”
    1. Re:MacKeeper?! Holy shit! by Anonymous Coward · · Score: 0

      Idiots.

  18. Mac keeper is malware by rolyataylor2752 · · Score: 5, Interesting

    It uses immorale advertising tactics to sell itself to people. Says they have viruses when they don't and scares old people.

    1. Re:Mac keeper is malware by ruir · · Score: 1

      No idea why this is down modded. As I commented in another thread the abuse is so rampant, that between shoddy tactics and opening up pages in unrelated sites to mac keeper site, I black hole it at DNS level.

    2. Re:Mac keeper is malware by Ol+Olsoc · · Score: 1

      No idea why this is down modded. As I commented in another thread the abuse is so rampant, that between shoddy tactics and opening up pages in unrelated sites to mac keeper site, I black hole it at DNS level.

      THIS! Also for those who don't block it, at least go to the real site for yer downloads. Doing a search on Libreoffice download shows a lot of sites like Cnet, Softonic, libreofficedownload.com, more downloads.com, Download.com (what?) only two of the pages of links go to libreoffice.org. the rest???

      The first thing many of these sites do when you try to download is the next screen you get you see what looks like the button you need, but no sir - it ain't, not at all. You gets a free gift even if you don't want one. Websearches are not our friends. Look at that url.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  19. Malware by midifarm · · Score: 1

    I've always been told MacKeeper is malware.

    1. Re:Malware by ruir · · Score: 1

      Any AV is worse than malware by definition. It just relies in your stupidity to propagate and some even extort you money in the process.

    2. Re:Malware by Dutch+Gun · · Score: 1

      Ransomeware like Cryptolocker or banking trojans like Zeus are far more damaging than what the worst of the AV products do. A statement like that either means you're ignorant about what real dangers malware can pose or are simply prone to statements slathered in a good helping of hyperbole.

      Note: I'm not defending MacKeeper, as it sounds like crap, but that's at a whole different level than real malware.

      --
      Irony: Agile development has too much intertia to be abandoned now.
  20. Re:Welcome to the game, Apple by Anonymous Coward · · Score: 0

    Which Apple hardware or software was targeted in this case?

    iOS devices running MacKeeper?

  21. Re:Welcome to the game, Apple by arbiter1 · · Score: 0

    Um well least MS fix's their flaw's in a timerly manner. crApple is hard pressed to do it within 2 months most the time. That is WITH the code to fix it within the day of a flaw being found. Flashback virus? Before people say it wasn't a flaw in apple's software, yea it did effect windows as well. But windows had fix the next day and took Apple 8 weeks to release the fix.

  22. MacKeeper - brought to you by Slashdot Media by DownWithTheMan · · Score: 5, Interesting

    Anyone else notice that tons of apps on SourceForge (owned by the same great overlord as /.) are bundling MacKeeper with the installer? Seriously, I've tried to grab a few apps from SourceForge recently only to find the app I'm trying to grab wrapped with some kind of crap-ware installer. Apparently it's wrapped at random and doesn't always happen to everyone. After seeing a few installers that I got from SF fail or never install my app or attempt to connect to the internet (and thankfully able to be stopped by Little Snitch), I did a few google searches to figure out WTF... Apparently SF has been doing this for a while now - and so really, I partially blame them for the fact that so many people have this kind of crap installed on their machines... See the reviews on FileZilla for some reviewers complaining about this very thing.

    1. Re:MacKeeper - brought to you by Slashdot Media by Dutch+Gun · · Score: 2

      ublock-origins blocks sourceforge as a malware site now, and while I occasionally override it to peek at some actual source code, I'm glad for the reminder to never download anything from that site. There was a kerfuffle a while ago when they started doing this, and despite some backpedaling after some initial bad press, the site should probably be considered toxic.

      http://www.howtogeek.com/21876...

      --
      Irony: Agile development has too much intertia to be abandoned now.
  23. Re:Welcome to the game, Apple by Anonymous Coward · · Score: 0

    You originally said: "Apple is starting to gain market share and now they're seeing targeting done towards their hardware and software."

    Then you said: "I was speaking more to the fact that people are TARGETING Apple related products more often. Not just Apple software/hardware."

    Dumbass.

  24. Really? by aldousd666 · · Score: 1

    I'm surprised that there are actually 13 Million MacKeeper users. What the actual...?!?!

    --
    Speak for yourself.
  25. Not surprising by hackertourist · · Score: 1

    Krom is a Dutch word that means 'crooked'. A company calling themselves that, well...

  26. The only additions in my hosts file... by thewils · · Score: 1

    Were because these asshats would prevent me from leaving the web page when I was redirected there...

    ##
    # Host Database
    #
    # localhost is used to configure the loopback interface
    # when the system is booting. Do not change this entry.
    ##
    127.0.0.1 localhost
    255.255.255.255 broadcasthost ::1 localhost
    fe80::1%lo0 localhost

    127.0.0.1 mackeeperapp.mackeeper.com
    127.0.0.1 www.mackeeper.com

    --
    Once I was a four stone apology. Now I am two separate gorillas.
  27. I had a friend with poor hash protection by Anonymous Coward · · Score: 0

    His stash disappeared as a result. Total bummer dude!

  28. Hrrm, guess the Mac "experts" here were wrong by Plumpaquatsch · · Score: 1

    Didn't they say that Mac users didn't believe Macs would need such tools? So why would they download them if that were the case?

    --
    Of course news about a fake are Fake News.