The utility suite which claims to help Mac users stop security threats, find duplicate files, and help you uninstall unwanted apps, has always been advertised too aggressively for my liking, and has been notoriously difficult to uninstall.
MacKeeper, developed by Zeobit and now owned by a company calling itself Kromtech Alliance, is – I think it’s fair to say – somewhat controversial.
Just take a look at some articles about MacKeeper on the web:
- Ongoing MacKeeper fraud
- What MacKeeper is and why you should avoid it
- MacKeeper celebrates a difficult birthday under the cloud of a class action lawsuit
- Is MacKeeper really a scam?
(There are many many others…)
I decided long ago that it wasn’t going to be software that I wanted to have on my Macs, and I’ve made a point of helping other Mac-owning friends and family come to the same decision whenever I’ve spotted it on their systems.
But in case you need yet another reason not to use MacKeeper – here’s one for you.
Last month a serious zero-day vulnerability was found in MacKeeper, that could be exploited by hackers.
Essentially, a hacker could create a boobytrapped link that – if clicked – would trick MacKeeper into executing code that have any number of unpleasant payloads – such as wiping your hard disk, stealing information or installing malware.
At the time, Kromtech said it was unaware of any exploitation of the vulnerability.
Now, The Register reports, BAE security researcher Sergei Shevchenko has discovered that malicious hackers are exploiting the vulnerability in in-the-wild attacks.
Shevchenko says users who click a crafted phishing link will be prompted to enter login credentials to the MacKeeper app that will allow malware to execute with admin rights.
So, you have a choice now.
You can either ensure that you are running the latest version of MacKeeper which reportedly fixes the vulnerability.
Or you can decide that it’s time to uninstall MacKeeper entirely. Good luck with that option – hopefully you’ll find a guide on the web if you find it a tricky process…
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.