- Jan 24, 2011
For the past few weeks, security researcher Chris Vickery has been working on discovering insecure applications and contacting the makers of those apps to have the issues resolved.
One of the applications he found to leak quite a large amount of personal user details is MacKeeper by Kromtech Alliance.
MacKeeper is the equivalent of an antivirus combined with adware, which many Mac users have come to hate in the past years and have even gone so far with their distaste for the app that they've collectively sued the developer for showing false warnings about nonexistent malware on their Macs.
The "MongoDB default config" issue strikes again
Now, as Mr. Vickery reveals, the company behind the app left a MongoDB server improperly configured, accessible via external connections. This server held information on 13 million MacKeeper users.
The issue is an old one, documented by many security researchers in the past, so Kromtech is solely at fault for the data leak. Apparently, the dev team had used a MongoDB instance without changing its default settings, where the 27017 port was left open for connections via the Internet.
Previous research from this February revealed that about 40,000 MongoDB databases were leaking data in the same way. In July, later in the year, the number went down to 30,000, but companies were still leaking 600 terabytes of data. Even worse, in August, another set of inquiries found 1.2 petabytes of data leaking in the same way, not only from MongoDB but also from Redis, Elasticsearch, and Memcached servers.
Read more: MacKeeper Exposed Details for 13 Million Users
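The misconfiguration described above comes down to two mongod.conf settings: a bind address that accepts connections from any interface and authorization left off. The following audit script is an added example, not code from the article or from Kromtech or MongoDB; the two configs it checks are constructed, and it assumes (as a labelled assumption in the code) that a missing bindIp means all interfaces, which was the pre-3.6 mongod default.

```python
# Constructed example, not code from the article or from Kromtech/MongoDB.
# Audits a mongod.conf for the two settings behind the leak described above:
# listening on every interface and running with authorization off.
LOOPBACK = {"127.0.0.1", "localhost", "::1"}

# Constructed: a default-style config of the kind the article describes.
WEAK_CONF = """\
net:
  port: 27017
  bindIp: 0.0.0.0
"""
# Constructed: the hardened equivalent (loopback only, auth required).
HARDENED_CONF = """\
net:
  bindIp: 127.0.0.1
security:
  authorization: enabled
"""

def parse_conf(text):
    """Parse the 'section:' / '  key: value' YAML subset mongod.conf uses."""
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()  # strip comments
        if not line.strip():
            continue
        key, _, value = line.strip().partition(":")
        if not raw.startswith(" "):  # unindented line opens a section
            section = key
            conf.setdefault(section, {})
        elif section is not None:
            conf[section][key] = value.strip()
    return conf

def audit(text):
    """Return findings for a mongod.conf; an empty list means not exposed."""
    conf = parse_conf(text)
    net, security = conf.get("net", {}), conf.get("security", {})
    findings = []
    # Assumption: a missing bindIp means all interfaces (the pre-3.6 default).
    binds = [b.strip() for b in net.get("bindIp", "0.0.0.0").split(",")]
    exposed = [b for b in binds if b not in LOOPBACK]
    if exposed:
        findings.append("port %s reachable on non-loopback address(es): %s"
                        % (net.get("port", "27017"), ", ".join(exposed)))
    if security.get("authorization", "disabled") != "enabled":
        findings.append("authorization not enabled: any client reaching the "
                        "port can read every database")
    return findings
```

Running `audit` over a real mongod.conf file's contents flags both conditions separately, so a host that is bound to localhost but still has authorization off is reported as well.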