MacKeeper used no protection, exposes 13 million customer records

MacKeeper used no protection, exposes 13 million customer records
Mac anti-virus provider MacKeeper has exposed 13 million customer records and left customer passwords vulnerable to cracking.

White hat researcher Chris Vickery said he found four IP addresses that directed him straight into the company's MongoDB database, where names, emails, usernames, password hashes, phone numbers, system info and IP addresses were all stored without protection (for the most part). The passwords were using the easily crackable MD5 hash, although they weren't even salted.



Even more shocking was that the database did not require any kind of administrator password or username to get in. Vickery used the Shodan 'hacker search engine' to find the open database.

Vickery tried to contact the company first but could not get through so he posted the issues on Reddit. The company then responded and fixed the issues within hours. "Analysis of our data storage system shows only one individual gained access performed by the security researcher himself. We have been in communication with Chris and he has not shared or used the data inappropriately," the MacKeeper team wrote in a blog post.

Source:
Forbes


Written by: Andre Yoskowitz @ 15 Dec 2015 21:57
Tags
security breach
Advertisement - News comments available below the ad
  • 8 comments
  • hearme0

    HA HA HA!

    This is for all those that think "Apple this" and "Apple that" is where the sidewalk ends and that Apple products (3rd party or other) are infallible.

    Apple networks have just as many flaws and issues as a Windows network.

    For those that don't believe......well then...STFU!

    As a network engineer, been there and done that. Apple is a bitch, plain and simple. God help anyone that has issues that can't be fixed by the Apple device itself 'cause you gonna be callin' a 'genius', likely to no avail.

    16.12.2015 13:36 #1

  • fb2075

    As a Mac user for almost 8 years, I've NEVER used any type of anti-malware and have had NO problems and this sure is a great reason to keep going on doing the same.

    16.12.2015 17:17 #2

  • ddp

    fb2075, that is being stupid. just finished repairing an imac because of bad sectors in it. installed new hard drive & loaded el capitan in it & recovered their data except for the ones affected by the bad sectors off the old hd. installed & ran avast for macs which found stuff that I got rid of so you can't say macs don't get infected because they do.

    16.12.2015 20:09 #3

  • fb2075

    Originally posted by ddp: fb2075, that is being stupid. just finished repairing an imac because of bad sectors in it. installed new hard drive & loaded el capitan in it & recovered their data except for the ones affected by the bad sectors off the old hd. installed & ran avast for macs which found stuff that I got rid of so you can't say macs don't get infected because they do. Yes, there is a small amount of malware out there for Macs, but if I've ever had any, I sure didn't notice it in any way.

    17.12.2015 01:38 #4

  • tisdadd

    Originally posted by fb2075: Originally posted by ddp: fb2075, that is being stupid. just finished repairing an imac because of bad sectors in it. installed new hard drive & loaded el capitan in it & recovered their data except for the ones affected by the bad sectors off the old hd. installed & ran avast for macs which found stuff that I got rid of so you can't say macs don't get infected because they do. Yes, there is a small amount of malware out there for Macs, but if I've ever had any, I sure didn't notice it in any way. Saw this, and just wanted to say that the best malware is one that you don't notice. Some hog system resources, and there are some out there that will actually delete others so that people will not notice that they are there from how the computer is behaving.

    No matter what the operating system, you should be running something as an antivirus to help prevent issues before they happen... once your computer gets hit, it is a pain to fix and I prefer to wipe them entirely and start anew.

    17.12.2015 03:35 #5

  • DVDBack23

    Originally posted by fb2075: Originally posted by ddp: fb2075, that is being stupid. just finished repairing an imac because of bad sectors in it. installed new hard drive & loaded el capitan in it & recovered their data except for the ones affected by the bad sectors off the old hd. installed & ran avast for macs which found stuff that I got rid of so you can't say macs don't get infected because they do. Yes, there is a small amount of malware out there for Macs, but if I've ever had any, I sure didn't notice it in any way. Virus writers have no reason to write for Macs since there is only 9 percent share of the entire market. Easier to try to infect the 90 percent

    17.12.2015 23:09 #6

  • xnonsuchx

    Originally posted by DVDBack23: Originally posted by fb2075: Originally posted by ddp: fb2075, that is being stupid. just finished repairing an imac because of bad sectors in it. installed new hard drive & loaded el capitan in it & recovered their data except for the ones affected by the bad sectors off the old hd. installed & ran avast for macs which found stuff that I got rid of so you can't say macs don't get infected because they do. Yes, there is a small amount of malware out there for Macs, but if I've ever had any, I sure didn't notice it in any way. Virus writers have no reason to write for Macs since there is only 9 percent share of the entire market. Easier to try to infect the 90 percent
    Just like it's better to go to McDonalds than any other restaurant. ;-)

    18.12.2015 08:23 #7

  • Bozobub

    Macs have a lot of protection, as others note above, from their lower market share, but OSX really is somewhat more resistant to infection, by design (remember, I only said "somewhat" - lol), much as UNIX and Linux, are and for similar reasons.

    That said, OSX regularly holds the record for least resistance to in-person attacks during "black hat" conferences which is not particularly impressive. We're talking about times under 15 seconds!

    The real secret is that NOTHING can keep users completely safe against, well, themselves and their own actions, but not having a given type of protection is not necessarily as stupid as it may seem. For example, even though I regularly install pirated software (mostly games) on my Windows PC, I get malware so rarely that I've turned off my antivirus; my infection rate hasn't gone up at all (and yes, I do know what - and how - to look for)! Why? Common sense and I only use known sources.

    If I'm worried about a particular bit of software, I'm much more likely to run Comodo's "HIPS" (real-time heuristics module) than any standard antivirus. No antivirus has ever been truly capable vs. "zero-day" threats without some similar type of process. Downloadable definitions, by their very nature, are always a step or two behind the game.

    Tl;dr? For most people, yes, running no antivirus is probably a dire mistake, no matter what kind of computer/OS you have. But this is NOT universal.

    19.12.2015 23:33 #8

© 2024 AfterDawn Oy

Hosted by
Powered by UpCloud