MacKeeper Exposes Data on 13 Million Customers

mackeeperAnti-virus company MacKeeper is making headlines today for its lax security on a customer database that contained 13 million customer records complete with names, email addresses, usernames, password hashes, phone numbers, IP address, and system information.

As shared in a reddit post, Chris Vickery (via Forbes) was able to download the records simply by entering an IP address, with no username or password required to access the data, a major security oversight on MacKeeper's part.

MacKeeper was also using MD5 hashes for passwords, a weak algorithm that's easily bypassed using an MD5 cracking tool. As Vickery says, MacKeeper (and parent company Kromtech) "appears to have no respect for the privacy of its users' data or the integrity of their information."

Vickery did not share details on the exploit and immediately contacted Kromtech about the oversight. Using Vickery's information, Kromtech secured the database after several hours, and nobody with malicious intent was reportedly able to get ahold of customer details. With the exploit fixed, Vickery explained how he accessed the data.
Here are some details (now that it's secured): The search engine at Shodan.io had indexed their IPs as running publicly accessible MongoDB instances (as some have already guessed). I had never even heard of MacKeeper or Kromtech until last night. I just happened upon it after being bored and doing a random "port:27017" search on Shodan.
For those unfamiliar with MacKeeper, it is Mac software that purports to optimize a Mac and keep it secure from viruses and malware, tricking people into a purchase with unrealistic claims. Earlier this month, a class action lawsuit led to a $2 million settlement that will see MacKeeper providing refunds to customers who purchased the software and would like their money back.

Though MacKeeper says Vickery was the only person to access the information, MacKeeper customers should still change their passwords and passwords on sites that used the same password as the MacKeeper password.


Top Rated Comments

(View all)
Avatar
13 months ago
The part of this story that shocks me is that 13 million fell for their scam.
Rating: 40 Votes
Avatar
13 months ago
It's safe to say with the amount of money MacKeeper spend on advertising on the web they must be funded by either someone high up in the online porn industry or a large criminal organisation.

I'd love to see Apple become more involved in annihilating these guys off the map. People around here are quick to call someone dumb for installing this software, but the average person doesn't have time to hang out on MacRumors. Apple need to sort these guys out once and for all.
Rating: 29 Votes
Avatar
13 months ago
If any company needs to not exist, it's them.
Rating: 13 Votes
Avatar
13 months ago
Who could have thought of this? Me! God I really hate this product.
Rating: 10 Votes
Avatar
13 months ago
Im glad, as a Service Manager for an Apple Specialist we tell people everyday not to use this. Some people fight us on this say they love it. We try to educate them that there are free alternatives like Malwarebytes Anti-Malware for Mac and Sophos Home for Mac that do not take over your Mac and are valid companies. Actually Malwarebytes (formally Adware Medic) sees MacKeeper as malware, CAUSE IT IS!
Rating: 9 Votes
Avatar
13 months ago
Who didn't see this coming?
Rating: 9 Votes
Avatar
13 months ago
What a vile company, their 'software' is malicious, doesn't surprise me one bit, glad I'm not one of their customers (read victims)
Rating: 7 Votes
Avatar
13 months ago

You're pr



This is a myth--MacKeeper is NOT a scam. Go to Wikipedia and see the links to respectable Mac publications. They DO have egregious, aggressive advertising, but the product is legit, and so is the company.

Some people may be confusing this with a similarly-named program, MacDefender, which really was malware.

The product doesn't do anything but ask for money and make itself impossible to remove.
Rating: 6 Votes
Avatar
13 months ago

The people that made accounts probably deserve their info to be hacked anyways.


What a horrible thing to say. Many of these people were probably new converts to Apple or elderly and didn't know any better. Not everyone is technologically inclined. Get off your high horse.

Im glad, as a Service Manager for an Apple Specialist we tell people everyday not to use this. Some people fight us on this say they love it. We try to educate them that there are free alternatives like Malwarebytes Anti-Malware for Mac and Sophos Home for Mac that do not take over your Mac and are valid companies. Actually Malwarebytes (formally Adware Medic) sees MacKeeper as malware, CAUSE IT IS!


The amount of people that come into my store with this issue is STAGGERING. Malwarebytes has been a blessing but it doesn't remove everything. Many times we have to go into the System Library to remove the remnants or it'll just re-appear upon restart.
Rating: 6 Votes
Avatar
13 months ago

The people that made accounts probably deserve their info to be hacked anyways.

Victim-blaming is 100% ********. Don't fall into that trap.

The only people who deserve anything are the Mackeeper people, and we all know what they deserve.
Rating: 5 Votes
[ Read All Comments ]