A vulnerability detected within MacKeeper software resulted in a loss of user data. Kromtech found a weakness within the data storage system of the software which led to user data being compromised.
According to security research, almost thirteen million MacKeeper users were affected as a result of this vulnerability. The company was immediately alerted to the problem occurring on its servers. When Kromtech posted an alert about the breach on MacKeeper’s official website, the company took immediate action and was able to get the error fixed within hours.
Fortunately, the security breach did not result in any sensitive personal information being leaked. The sensitive data had not been jeopardized and was restored in time. The company’s credit card information and payment system are managed by an external third party. This means that the company’s own servers do not store or transfer any kind of billing information.
The breach was discovered by a security researcher who was surfing through a search engine called Shodan. Initially looking for open servers and external connections, the researcher came across a number of internet addresses that belonged to Kromtech. After a thorough investigation, it was revealed that these addresses were part of a database that consisted of approximately thirteen million users.
Kromtech has a database for storing users’ names, the products they have ordered, their public IP addresses and license information. Apart from this, the company also runs its own user accounts, which require specific usernames and product names and are protected by passwords. These accounts are mainly created for managing subscriptions, cross-checking product licenses and for customer support.
After an extensive review and investigation, it was concluded that there were some errors made on the part of Kromtech as well. There were three major errors that put the customer information at risk.
- Kromtech’s customer database was not protected by a username and password.
- The company failed to secure the IP addresses leading to the database and make them private so that they would not be visible in searches.
- The hash algorithm, MD5, was very weak and not adequate for protecting the passwords that were stored in the database.
The hash algorithm is vital to the protection of the passwords in the database, and a weak one like MD5 can be easily broken. Hackers have advanced tools that let them recover the passwords behind MD5 hashes; hence, the hashes can be easily broken, giving the hacker access to common passwords used within the database.
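An added example, not code from Kromtech or from the original article: one way to retire MD5 password records is to verify against the legacy hash at login and then re-store the password under a salted, memory-hard scrypt hash. The record format (`md5$hash`, `scrypt$salt$hash`), the function names and the assumption that the legacy hashes were unsalted are illustrative; the article does not state them.

```python
import hashlib
import hmac
import os

# scrypt cost parameters (about 16 MiB of memory per guess); tune for your hardware.
SCRYPT = dict(n=2**14, r=8, p=1, dklen=32)

def legacy_md5(password):
    """Legacy record: fast MD5, assumed unsalted (not stated in the article)."""
    return "md5$" + hashlib.md5(password.encode()).hexdigest()

def scrypt_hash(password, salt=None):
    """New record: per-user random salt plus a memory-hard KDF."""
    salt = salt or os.urandom(16)
    dk = hashlib.scrypt(password.encode(), salt=salt, **SCRYPT)
    return "scrypt$%s$%s" % (salt.hex(), dk.hex())

def verify(password, stored):
    """Recompute under the record's own scheme and compare in constant time."""
    scheme, _, rest = stored.partition("$")
    try:
        if scheme == "md5":
            candidate = legacy_md5(password)
        elif scheme == "scrypt":
            candidate = scrypt_hash(password, bytes.fromhex(rest.split("$")[0]))
        else:
            return False
    except ValueError:  # malformed salt in the stored record
        return False
    return hmac.compare_digest(candidate, stored)

def login(db, user, password):
    """Check the password; on success, replace a legacy MD5 record with scrypt."""
    stored = db.get(user)
    if stored is None or not verify(password, stored):
        return False
    if stored.startswith("md5$"):
        db[user] = scrypt_hash(password)  # the MD5 hash is discarded
    return True

def sample_db():
    """Constructed sample data: two users who chose the same password."""
    return {"alice": legacy_md5("sunshine1"), "bob": legacy_md5("sunshine1")}

if __name__ == "__main__":
    db = sample_db()
    print("identical MD5 records:", db["alice"] == db["bob"])
    login(db, "alice", "sunshine1"); login(db, "bob", "sunshine1")
    print("identical scrypt records:", db["alice"] == db["bob"])
```

Records for accounts that never log in stay on MD5 under this scheme, so they need a forced password reset or a separate migration step.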
The issue was brought to the attention of Kromtech very quickly and the whole security breach was cleared up within a short span of time. Despite claims that the information was sealed before any kind of leak, nothing can be proved for sure. Before it was discovered, the information was out in the open for everyone to see and any hacker could have gained access to the database in the meantime.
MacKeeper itself has had many vulnerabilities and issues with its malware. It has also been facing two class action lawsuits for fraud, one of which was decided in favor of the plaintiff.
Users are advised to change their security passwords, upgrade their system and validate any contact that they make with company officials.