AfterDawn: Tech news

MacKeeper used no protection, exposes 13 million customer records

Written by Andre Yoskowitz @ 15 Dec 2015 9:57 User comments (8)

MacKeeper used no protection, exposes 13 million customer records Mac anti-virus provider MacKeeper has exposed 13 million customer records and left customer passwords vulnerable to cracking.
White hat researcher Chris Vickery said he found four IP addresses that directed him straight into the company's MongoDB database, where names, emails, usernames, password hashes, phone numbers, system info and IP addresses were all stored without protection (for the most part). The passwords were using the easily crackable MD5 hash, although they weren't even salted.

Even more shocking was that the database did not require any kind of administrator password or username to get in. Vickery used the Shodan 'hacker search engine' to find the open database.

Vickery tried to contact the company first but could not get through so he posted the issues on Reddit. The company then responded and fixed the issues within hours. "Analysis of our data storage system shows only one individual gained access performed by the security researcher himself. We have been in communication with Chris and he has not shared or used the data inappropriately," the MacKeeper team wrote in a blog post.



Source:
Forbes

Previous Next  

8 user comments

116.12.2015 13:36

HA HA HA!

This is for all those that think "Apple this" and "Apple that" is where the sidewalk ends and that Apple products (3rd party or other) are infallible.

Apple networks have just as many flaws and issues as a Windows network.

For those that don't believe......well then...STFU!

As a network engineer, been there and done that. Apple is a bitch, plain and simple. God help anyone that has issues that can't be fixed by the Apple device itself 'cause you gonna be callin' a 'genius', likely to no avail.

216.12.2015 17:17

As a Mac user for almost 8 years, I've NEVER used any type of anti-malware and have had NO problems and this sure is a great reason to keep going on doing the same.

316.12.2015 20:09

fb2075, that is being stupid. just finished repairing an imac because of bad sectors in it. installed new hard drive & loaded el capitan in it & recovered their data except for the ones affected by the bad sectors off the old hd. installed & ran avast for macs which found stuff that I got rid of so you can't say macs don't get infected because they do.

417.12.2015 01:38

Originally posted by ddp:
fb2075, that is being stupid. just finished repairing an imac because of bad sectors in it. installed new hard drive & loaded el capitan in it & recovered their data except for the ones affected by the bad sectors off the old hd. installed & ran avast for macs which found stuff that I got rid of so you can't say macs don't get infected because they do.
Yes, there is a small amount of malware out there for Macs, but if I've ever had any, I sure didn't notice it in any way.

517.12.2015 03:35

Originally posted by fb2075:
Originally posted by ddp:
fb2075, that is being stupid. just finished repairing an imac because of bad sectors in it. installed new hard drive & loaded el capitan in it & recovered their data except for the ones affected by the bad sectors off the old hd. installed & ran avast for macs which found stuff that I got rid of so you can't say macs don't get infected because they do.
Yes, there is a small amount of malware out there for Macs, but if I've ever had any, I sure didn't notice it in any way.
Saw this, and just wanted to say that the best malware is one that you don't notice. Some hog system resources, and there are some out there that will actually delete others so that people will not notice that they are there from how the computer is behaving.

No matter what the operating system, you should be running something as an antivirus to help prevent issues before they happen... once your computer gets hit, it is a pain to fix and I prefer to wipe them entirely and start anew.

617.12.2015 23:09

Originally posted by fb2075:
Originally posted by ddp:
fb2075, that is being stupid. just finished repairing an imac because of bad sectors in it. installed new hard drive & loaded el capitan in it & recovered their data except for the ones affected by the bad sectors off the old hd. installed & ran avast for macs which found stuff that I got rid of so you can't say macs don't get infected because they do.
Yes, there is a small amount of malware out there for Macs, but if I've ever had any, I sure didn't notice it in any way.
Virus writers have no reason to write for Macs since there is only 9 percent share of the entire market. Easier to try to infect the 90 percent

718.12.2015 08:23

Originally posted by DVDBack23:
Originally posted by fb2075:
Originally posted by ddp:
fb2075, that is being stupid. just finished repairing an imac because of bad sectors in it. installed new hard drive & loaded el capitan in it & recovered their data except for the ones affected by the bad sectors off the old hd. installed & ran avast for macs which found stuff that I got rid of so you can't say macs don't get infected because they do.
Yes, there is a small amount of malware out there for Macs, but if I've ever had any, I sure didn't notice it in any way.
Virus writers have no reason to write for Macs since there is only 9 percent share of the entire market. Easier to try to infect the 90 percent

Just like it's better to go to McDonalds than any other restaurant. ;-)

819.12.2015 23:33

Macs have a lot of protection, as others note above, from their lower market share, but OSX really is somewhat more resistant to infection, by design (remember, I only said "somewhat" - lol), much as UNIX and Linux, are and for similar reasons.

That said, OSX regularly holds the record for least resistance to in-person attacks during "black hat" conferences which is not particularly impressive. We're talking about times under 15 seconds!

The real secret is that NOTHING can keep users completely safe against, well, themselves and their own actions, but not having a given type of protection is not necessarily as stupid as it may seem. For example, even though I regularly install pirated software (mostly games) on my Windows PC, I get malware so rarely that I've turned off my antivirus; my infection rate hasn't gone up at all (and yes, I do know what - and how - to look for)! Why? Common sense and I only use known sources.

If I'm worried about a particular bit of software, I'm much more likely to run Comodo's "HIPS" (real-time heuristics module) than any standard antivirus. No antivirus has ever been truly capable vs. "zero-day" threats without some similar type of process. Downloadable definitions, by their very nature, are always a step or two behind the game.

Tl;dr? For most people, yes, running no antivirus is probably a dire mistake, no matter what kind of computer/OS you have. But this is NOT universal.

This message has been edited since its posting. Latest edit was made on 19 Dec 2015 @ 11:35

Comments have been disabled for this article.

News archive