Massive breach exposes info in 13 million MacKeeper accounts

MacKeeper, an antivirus tool for Mac OS X, is the latest victim of a massive breach that exposed information contained in 13 million accounts, reports Forbes. Researcher Chris Vickery says that said he uncovered four IP addresses that took him straight to a MongoDB database, containing a range of personal information, including names, email addresses, usernames, password hashes, phone numbers, IP addresses, system information, as well as software licenses and activation codes. 

All Vickery had to do was look for openly accessible MongoDB databases on the Shodan search tool. Forbes says that there’s another apparent security issue: the passwords were protected with a know-to-be-broken “hashing” algorithm. These algorithms take the plain text password and turn it into garbled letters and digits, using a one-way mathematical formula. If it’s easy to guess how they did so, passwords can be recovered.

MacKeeper isn’t exactly widely loved. It’s considered by many to be little more than “scareware” with its constant messages that you need the software to keep your Mac safe. The company buys 60 million ad impressions per month, making it the heaviest advertiser to Mac users, according to PC World. The ads include pop-ups, affiliates, and paid-for reviews that appear across the web. 

As noted by Business Insider, the company has faced multiple lawsuits over the way its software works. In January 2014, a set of plaintiffs from Illinois said that "neither the free trial nor the full registered versions of MacKeeper performed any credible diagnostic testing," which would invalidate one of the key claims of the software. 

However you feel about the company, the massive breach it has experienced is concerning. 

“Cybersecurity companies are the trusted link in the supply chain that is being pursued by cyber criminals,” says Trend Micro Chief Cybersecurity Officer Tom Kellermann. “Many of whom do not practice what they preach per cybersecurity. We will see more of these beaches among the smaller cybersecurity vendors as they enter the cross hairs of the dark web.”