Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Security

Hackers Exploit MacKeeper Flaw To Spread OS X Malware 63

An anonymous reader writes: Controversial OS X 'clean-up utility' MacKeeper is being exploited by cybercriminals to diffuse Mac malware OSX/Agent-ANTU, according to the BAE cyber security unit. A single line of JavaScript on a malicious web-page is enough to hand over control of the user's system via MacKeeper. Lead security researcher Sergei Shevchenko said 'attackers might simply be 'spraying' their targets with the phishing emails hoping that some of them will have MacKeeper installed, thus allowing the malware to be delivered to their computers and executed,' The malware enables remote control over commands, uploads and downloads, and the setting of execution permissions, as well as granting access to details of VPN connections, user names, and lists of processes and statuses.
This discussion has been archived. No new comments can be posted.

Hackers Exploit MacKeeper Flaw To Spread OS X Malware

Comments Filter:
  • Slippin' malware into OSX, that is.
  • Huh? (Score:5, Insightful)

    by jomama717 ( 779243 ) <jomama717@gmail.com> on Tuesday June 23, 2015 @12:18PM (#49971157) Journal
    I thought MacKeeper was already malware. If you get suckered into installing it in the first place then anything goes.
    • Re: (Score:2, Flamebait)

      by Penguinisto ( 415985 )

      Exactly.

      Unlike Windows, the *nix-like nature of OSX keeps it pretty damned clean. Aside from the rare "Repair Permissions" run in Disk Utility to fix something that opens funny, you shouldn't have to do anything on a Mac for OS maintenance. Hell, I had a dual G5 PowerMac that ran 10.3 for years on end w/o any kind of OS-level maintenance, yet it never slowed down.

      Stupid Registry BS...

      • by ADRA ( 37398 )

        To be honest, I haven't had to touch the registry since begrudgedly getting Windows 7 for gaming. Even using it for pretty much day to day tasks, there isn't much reason to dig into the registry unless you can't find off the shelf util's to do it for you. Ex. I WOULD use it to make windows look like Windows 2000, but thankfully all of those lovely settings (and lots new code) exposed through Windows Classic Shell. In order to make my ideal desktop functional without haivng to dig around in obscure systems f

        • there isn't much reason to dig into the registry unless you can't find off the shelf util's to do it for you.

          That's the thing... I don't even have to do/use that. No need for CCleaner or any such utility. Sure, OSX has OS-level utilities (see also the old Onyx utility), but nearly all of them are either for performance-tweaking or Hackintoshing, not day-to-day cleanup/maintenance.

      • I've worked in the middle of a bunch of IOS techs for years. They have all the problems that windows users have, just with some different names, and a few variations of specifics, this includes malware. The main reason there are so many less infectors is because they are a much smaller priority for the scum making the malware because there are a lot less IOS boxes than there are Windows boxes. They are looking for quantity, whether it's part of a scam to get money, or to score points for destroying someones
        • Re: (Score:3, Insightful)

          Thank you for the first non flaming fanboy post. 100% accurate, we're seeing more mac infections and malware now not because of more exploits, it's because the market share is getting large enough to make them useful targets. This was not the case for some time. This "mac is safer" BS is the same as "linux is safer" no, it's not at all safer. Linux has so many flavors and variations it's not really feasible to blanket attack them. Moreover, most linux users have a better understanding of the OS than w
        • not sure if you're talking about Cisco devices or iPhones...

        • by tw2k ( 4011579 )
          IOS as in Cisco routers? or iOS as the OS that runs on iPhone & iPad? or OS X which runs on desktops?
        • IOS boxes? I think you may be talking out your arse.
        • Err, waitaminute... assuming you're not talking about Cisco IOS, there is no such thing as an "iOS" box from Apple. There is an iOS emulation environment within OSX (comes with XTools), but that's a totally different thing.

          Second, the number of iOS devices out there number in the hundreds of millions - iPhones, iPads, now the iWatch thingy... so, well, what do you mean "a lot less"?

          Also consider that any development box, of any OS brand or type, is going to need periodic cleanups, because the typical develo

        • I've worked in the middle of a bunch of IOS techs for years. They have all the problems that windows users have, just with some different names, and a few variations of specifics, this includes malware. The main reason there are so many less infectors is because they are a much smaller priority for the scum making the malware because there are a lot less IOS boxes than there are Windows boxes. They are looking for quantity, whether it's part of a scam to get money, or to score points for destroying someones data, and targeting IOS is automatically limiting your maximum targets. Hate windows all you want, but don't ever mistake obscurity for any kind of real security.

          You are truly an idiot.

          WTF is an "IOS[sic] box"???

          Not even a nice try.

    • You're already at +5. I wish there was +6, Jesus I Need a Drink

    • I thought MacKeeper was already malware.

      Damn straight - Stay well away from that shit.

  • You don't say? (Score:2, Insightful)

    by Anonymous Coward

    A crapware "product" to "solve" a usually non-existent "problem", most heavily promoted by deceptive pop-ups on porn sites, turns out not to be entirely trustworthy? I'm shocked, shocked, I tell you!

  • by Anonymous Coward

    It tricks people into installing it with sleazy ads, does nothing useful (and often stuff that is harmful) while slowing down the victim's system. I've yet to meet someone running it that wanted it on their computer.

    And now yet another reason to avoid it.

    I wish Apple would revoke their dev certificate so the low-info users could at least be protected from this shit by Gatekeeper.

  • If you have the MacKeeper malware on your Mac, it means you are already installing any malware/crapware/virus etc on your system by yourself. This added attack vector is not even needed...

  • But all the Mac fanbois tell me that Apple products never get viruses....
    • But all the Mac fanbois tell me that Apple products never get viruses....

      Bet you don't see the irony of that statement.

    • But all the Mac fanbois tell me that Apple products never get viruses....

      This is a Trojan. Every OS will ultimately allow $StupidUser to defeat $SECURITY_FEATURE to install ANYTHING from ANYBODY from ANYWHERE. But, without going into details, OS X has several redundant features that both make the $StupidUser far less likely to just casually click-install their way into slavery, and to attempt to minimize the damage that can be wrought by $MALICIOUS_CODE.

      Nothing is ever foolproof; but OS X is pretty damned secure; to the point that AV apps are still unnecessary.

  • by sribe ( 304414 ) on Tuesday June 23, 2015 @12:44PM (#49971389)

    So the first thought I had on reading the title was the predictable joke about MacKeeper being malware. But from reading the article, it sounds to me like MacKeeper installs a custom URL handler, which directs to a process that they installed which parses a command script from the URL and executes it. So, a component which allows any web site to run code outside your browser. That's malware, not in the sarcastic "less-than-useless" sense, but in the literal "actively installs attack vectors" sense.

    • If it isn't malware, it's massively badly written code by a bunch of idiots.

      Once again, companies take shortcuts, and add in security holes.

      I'm not entirely sure I know anything about MacKeeper, what with me not having used a Mac in a very long time ... but this sounds idiotic.

      • Apple just works! Even when badly written by a bunch of idiots!
        • The only idiot here is the one who apparently doesn't realize that MacKeeper has as much to do with Apple as Flash has to do with Microsoft.

        • by jo_ham ( 604554 )

          Apple just works! Even when badly written by a bunch of idiots!

          Pssssst! Mackeeper is not code written by Apple! Keep it under your hat!

          Just thought I should let you know before you make yourself look like a fool.... oh, sorry. I was delayed in traffic. If only I'd made it here sooner!

          Never mind.

  • Meanwhile, on this very comment page for this very article about how MacKeeper is spreading malware... there are two ads on this page pushed by Slashdot for.... wait for it... MacKeeper.

    • by Dupple ( 1016592 )

      Interesting, I'm using a Mac and I see and Ad for Azure and another for Catchpoint. Maybe because I'm in the UK

    • slashdot sells ad space to advertisers like every other webpage out there, they have very little control over the ads, mostly control after the fact once people complain. Bitch all you want, just bitch at the right people. It is, however, ironic. Much like the capchas were
  • And I do the same on friends' machines when performing maintenance.

  • Working exactly as designed, I suspect.

If all else fails, lower your standards.

Working...