I’ve never been a fan of MacKeeper.
The utility suite which claims to help Mac users stop security threats, find duplicate files, and help you uninstall unwanted apps, has always been advertised too aggressively for my liking, and has been notoriously difficult to uninstall.
MacKeeper, developed by Zeobit and now owned by a company calling itself Kromtech Alliance, is – I think it’s fair to say – somewhat controversial.
Just take a look at some articles about MacKeeper on the web:
- Ongoing MacKeeper fraud
- What MacKeeper is and why you should avoid it
- MacKeeper celebrates a difficult birthday under the cloud of a class action lawsuit
- Is MacKeeper really a scam?
(There are many many others…)
I decided long ago that it wasn’t going to be software that I wanted to have on my Macs, and I’ve made a point of helping other Mac-owning friends and family come to the same decision whenever I’ve spotted it on their systems.
But in case you need yet another reason not to use MacKeeper – here’s one for you.
Last month a serious zero-day vulnerability was found in MacKeeper, that could be exploited by hackers.
Essentially, a hacker could create a boobytrapped link that – if clicked – would trick MacKeeper into executing code that have any number of unpleasant payloads – such as wiping your hard disk, stealing information or installing malware.
At the time, Kromtech said it was unaware of any exploitation of the vulnerability.
Now, The Register reports, BAE security researcher Sergei Shevchenko has discovered that malicious hackers are exploiting the vulnerability in in-the-wild attacks.
Shevchenko says users who click a crafted phishing link will be prompted to enter login credentials to the MacKeeper app that will allow malware to execute with admin rights.
So, you have a choice now.
You can either ensure that you are running the latest version of MacKeeper which reportedly fixes the vulnerability.
Or you can decide that it’s time to uninstall MacKeeper entirely. Good luck with that option – hopefully you’ll find a guide on the web if you find it a tricky process…
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.
7 comments on “MacKeeper – a(nother) reason not to use it”
'executing cod that have any number of unpleasant payloads – such as wiping your hard disk, stealing information or installing malware.'
While I love seafood I somehow suspect the reference to cods is a missing 'e'.
Otherwise, I suppose there is one thing it won't be tricked in to doing. That is of course removing itself (notwithstanding wiping the file system[s] out). Put another way, the only useful (albeit very small) part of my comment is to point out the typo.
Cod almighty. There's a time and plaice for puns like this…
I agree but that's because it is always a good time for puns, even if the pun is what some might call fishy.
Edit: also phishy.
You wrote "But in case you need another reason now to use MacKeeper – here's another one for you" but I think you meant to write "not" instead of "now".
Arrrggh. What a typo to make!
Hanging my head in shame…
I recently received a message asking if I wanted to update Mackeeper I clicked the link & commenced the download all the while being helped by "a human inside" After a while I discovered it was not free as claimed so refused to download the rest and uninstalled what I had.
I was being asked repeatedly to continue the download. I responded by saying 'no way' I was misled in that you do charge for the download
To which their response was (& I kid you not) "we don't mention money otherwise the customer tends to focus on that" unbelievable & more importantly do Apple know about this
I've just seen my hard-drive "die" because I accidentally downloaded this bloody thing. (It "disguised" as a Flash update).
I am really upset, angry and don't know what to do. Can one report these "companies"? I am just a normal computer user. If I could only understand all these cyber-words and language. :(