MacKeeper exposed over 13 million Mac users data.

MacKeeper, an anti-virus software for Mac users that makes Macs more secure and stable has exposed 13 million Mac users data.

Image Credit: Imgur.com

According to a 31-year-old researcher Chris Vickery said that, recently he was able to access more than 13 million account details related to MacKeeper, Zeobit and Kromtech.

The breach was posted on Reddit forum on Sunday evening.

“I didn’t know it was some sort of scamming scareware or software that pushes itself on people. The irony here is pretty thick.”

Vickery said that three other different IP addresses associated with Kromtech, public access of data without the need for username and password.

The worse part is that the stored password were just look like MD5 with no salt.  “The data was/is publicly available,” Vickery wrote on Reddit. “No exploits or vulnerabilities involved. They published it to the open web with no attempt at protection.”

Vickery used Shodan search engine to index their IPs and see if he could find publicly accessible databases running database software called MongoDB.

Vickery  reached out the company, which responded quickly by shuttering public access to its user database, and publicly thanking him for reporting it.

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil