Vickery revealed that when he attempted to disclose the problem to Kromtech, the owner of MacKeeper, over the phone, he was unable to get through, so he posted about the issues on Reddit, following which the company officially responded and acknowledged the leak. It will be resetting passwords too, but said the decision wasn’t connected to the leak, though it has spurred the company on to make changes.
The company admitted to FORBES it was using MD5 but was in the process of upgrading to SHA512. He said there was no “salt” either, which would add random characters to the password before it’s garbled by the hash algorithm, making cracking more difficult. It provides excellent real-time protection against viruses and other malware, comes with a good selection of additional security and optimization features including ID theft protection, adware monitoring, and useful cleanup tools and provides a highly. MacKeeper is one of the best Mac-only security suites available in 2022.
#MACKEEPER EXPOSED FULL#
There are a large number of MD5 cracking tools, all of which can figure out the weaker passwords (e.g. Try MacKeeper Now (14 Days Risk-Free) MacKeeper Full Review. If it’s easy to guess how they did so, passwords can be recovered.Īccording to Vickery, it appeared MacKeeper was using MD5 – long-known to be weak. The source details that even the passwords were protected with a know-to-be-broken “hashing” algorithm. These algorithms take the plain text password and turn it into garbled letters and digits, using a one-way mathematical formula. The data was discovered by MacKeeper Security located on a misconfigured storage device, since taken offline, owned by an unnamed lieutenant that was inadvertently made public on the internet.
While MacKeeper is supposed to offer users extra security on their Apple Macs, it has failed to protect their personal data in more ways than one. Apparently all Vickery had to do was look for openly accessible MongoDB databases on the Shodan search tool.
0 kommentar(er)
