InShortViral: MacKeeper developers have discovered a vulnerability which results leak of nearly 13 million users data. What MacKeeper is doing? It is software that claims to secure Mac…
[dropcap]T[/dropcap]he Kromtech, the editor MacKeeper, acknowledged Monday, December 14, 2015 there has been a breach in security that compromised usernames, email addresses and other personal information of nearly 13 million people. The company claims that it has corrected the breach in some time. This is the safety expert, Chris Vickery, who discovered the flaw and who posted Sunday on Reddit.
The Data of 13 Million Mackeeper Users Have Been Compromised
Kromtech ensures that the data has not yet been exploited by third parties and only one person was able to penetrate servers MacKeeper. Vickery had never heard of MacKeeper, but it was random searches on the search engine Shodan.io with an instance named Port: 27017. This is the default gateway port for the database MongoDB. His search yielded 4 different IP addresses that are associated with Kromtech, editor MacKeeper. This offered public access to any personal data without the need for user name and password.
Data MacKeeper were available to all and there was no protection. This is not a fault, but a monstrous negligence for a company that offers software that claims to secure Macs. Payment information is not compromised by Kromtech because they are not stored on the servers of MacKeeper. The only information available are the names, products ordered, information licenses, public IP, user name and password. If this is not enough to Kromtech, one wonders what he considers an almost criminal negligence.
MacKepper has a very bad reputation. Known for its highly intrusive ads, MacKeeper is promoted as an antivirus. But in fact, it’s just a scam that causes false positives among users to encourage them to buy the paid later. Zeobit, who sold MacKeeper to Kromtech in 2013 has made a complaint in the face for fraudulent advertising and false accusation.