Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security...
16.0K views | +0 today
Follow
Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security...
Education Technology
Everything related to the (in)security of Apple products
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Scooped by Gust MEES
Scoop.it!

MacKeeper carelessly leaves 13 million Mac users exposed | Apple | Nobody Is Perfect

MacKeeper carelessly leaves 13 million Mac users exposed | Apple | Nobody Is Perfect | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
From grahamcluley.com - December 15, 2015 9:09 AM
Researcher Chris Vickery stumbled across over 13 million sensitive account details related to MacKeeper, after using the Shodan search engine to hunt for database servers left open to the internet, that required no authentication.

Sure enough, Vickery's search found four different IP addresses of servers belonging to Kromtech.

And on those servers, Vickery found over 20GB of MacKeeper user data - including names, email addresses, phone numbers, IP addresses, software licenses, system information and users' hashed passwords.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security


Gust MEES's insight:
Researcher Chris Vickery stumbled across over 13 million sensitive account details related to MacKeeper, after using the Shodan search engine to hunt for database servers left open to the internet, that required no authentication.

Sure enough, Vickery's search found four different IP addresses of servers belonging to Kromtech.

And on those servers, Vickery found over 20GB of MacKeeper user data - including names, email addresses, phone numbers, IP addresses, software licenses, system information and users' hashed passwords.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security



more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
Scoop.it!

Security hole in MacKeeper used to shove malware onto Macs

Security hole in MacKeeper used to shove malware onto Macs | Apple, Mac, MacOS, iOS4, iPad, iPhone and (in)security... | Scoop.it
From nakedsecurity.sophos.com - June 23, 2015 8:01 AM

Researchers at BAE just reported on a Mac bot known as OSX/Agent-ANTU that was allegedly distributed in a novel way.

The crooks used a security hole in a controversial Mac security and cleanup utility called MacKeeper.

MacKeeper quickly patched the hole after it became known, but until you received the update you were at risk of a Remote Code Execution (RCE) hole.

As long as you were unpatched, a crook could simply entice or redirect you to a poisoned website, and use a single line of JavaScript to send a command script to MacKeeper, which would then run it.

Unfortunately, according to BAE, some crooks struck while the iron was hot.

The crooks sent unpatched MacKeeper users to a web page that tricked their Macs into downloading the OSX/Agent-ANTU malware.


Here are some examples we've seen over the years where the Windows malware "playbook" has been followed, in some cases extremely effectively, on OS X:


2012: Java-based exploit. The Flashback malware was injected onto your Mac via an unpatched Java bug. Flashback was a bot, or zombie, meaning that crooks could remotely send it instructions to help them commit further cybercrime. Estimates suggest that more than 600,000 Macs ended up infected, supposedly including "274 from Cupertino."


2013: Word-based exploit. SophosLabs reported on attackers using an exploitable bug in Microsoft Word for Mac to target Chinese minority groups. If you opened a booby-trapped document, disguised as some sort of political commentary, the crooks got control of your Mac via zombie malware called OSX/Agent-AADL.


2014: Fake "undelivered item" documents. If you opened the bogus PDF file, really an application in disguise, you could end up infected with a data-stealing Trojan called OSX/LaoShu-A. Amongst other things, this one would find files such as documents, spreadsheets, presentations and archives...and send them to the crooks.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security




Gust MEES's insight:

Researchers at BAE just reported on a Mac bot known as OSX/Agent-ANTU that was allegedly distributed in a novel way.

The crooks used a security hole in a controversial Mac security and cleanup utility called MacKeeper.

MacKeeper quickly patched the hole after it became known, but until you received the update you were at risk of a Remote Code Execution (RCE) hole.

As long as you were unpatched, a crook could simply entice or redirect you to a poisoned website, and use a single line of JavaScript to send a command script to MacKeeper, which would then run it.

Unfortunately, according to BAE, some crooks struck while the iron was hot.

The crooks sent unpatched MacKeeper users to a web page that tricked their Macs into downloading the OSX/Agent-ANTU malware.


Here are some examples we've seen over the years where the Windows malware "playbook" has been followed, in some cases extremely effectively, on OS X:


2012: Java-based exploit. The Flashback malware was injected onto your Mac via an unpatched Java bug. Flashback was a bot, or zombie, meaning that crooks could remotely send it instructions to help them commit further cybercrime. Estimates suggest that more than 600,000 Macs ended up infected, supposedly including "274 from Cupertino."


2013: Word-based exploit. SophosLabs reported on attackers using an exploitable bug in Microsoft Word for Mac to target Chinese minority groups. If you opened a booby-trapped document, disguised as some sort of political commentary, the crooks got control of your Mac via zombie malware called OSX/Agent-AADL.


2014: Fake "undelivered item" documents. If you opened the bogus PDF file, really an application in disguise, you could end up infected with a data-stealing Trojan called OSX/LaoShu-A. Amongst other things, this one would find files such as documents, spreadsheets, presentations and archives...and send them to the crooks.


So, if you haven't yet crossed the bridge and become a Mac anti-virus user, now would be a good time to give it a go.


Learn more:


http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security



more...
No comment yet.
Sign up to comment
About Follow us Resources Terms Mobile Features
Facebook
X
LinkedIn