It is quite disturbing to see all those great big ads for MacKeeper on all my favorite blogs. I know the individual bloggers don't have much to do with it, per se: they just subscribe to a service, like intermarkets.net that accepts and administers ads for anyone who signs up. The ads pop up on blogs and other sites without any necessary interaction with the blogger or webmaster. (Do I have that right?) But I believe it is possible to block ads even so, and when it comes to MacKeeper, I wish they would get to it and start blocking. And I wish the ad services would do a better job of screening them out, because these ads are everywhere.
In case you don't know: MacKeeper is malware. (It has gone by other names in the past, MacDefender, and a couple of others -- I believe the one that hit me was called MacProtector.) It is designed to trick the victim into downloading it, installing it as an application, and then use a credit card to pay for a phony "cleaning" -- in the process, the victim's credit card is STOLEN, personal information is compromised, and the victim's computer is crippled.
The really evil thing about it, and the reason why the ads are so disturbing, is that it can sometimes manage to download itself in the background, without the user clicking on anything at all. There's apparently some java script that does this when the ad is displayed. You still have to click "okay" on the fake installer, but that too can happen accidentally. Once installed, it is nearly impossible to get rid of. Even when you delete it and all of the files you can find, it still manages to run in the background, consuming CPU resources and slowing your computer to a crawl. (I don't know if that's a byproduct or a malicious "feature.") Anyway, it happened to me, and it's a nightmare.
MacKeeper isn't something anyone would want to advertise on his or her site. It is a criminal enterprise.
If you see it advertised, it goes without saying, don't click on it. And even having not clicked on it, check your system log to make sure it didn't download itself. And bloggers and ad companies: please do what you can to block it. It's pure evil.
UPDATE: I actually sent a note (via feedback form) to intermarkets.net and received this reply:
Thank you for your feedback. This is a legitimate product. The MacDefender is the virus that hit the web a few weeks ago.So now I guess I'm confused. There's no obvious consensus on the apple discussion boards as to whether MacKeeper is, or is not, a variant of MacDefender: some say yes, some say no. And if you google around, you'll find lots of folks in agreement that MacKeeper is a legitimate product. There is some indication that there's a "fake MacKeeper" out there that mimics the legitimate one. If so, they all must have mimicked the real one, because they all have the same interface, the same (to me) sinister robot icon/mascot, and, honestly, the same kind of behavior. And if the real one is indeed legitimate, considering all this confusion and publicity that included articles in the New York Times and everywhere, you'd think there'd be some reference to it on their website, some FAQ or something explaining the difference between the legitimate one and the malware variants. I looked and couldn't find anything like that. That adds to the general impression that the whole thing is an elaborate fake, but that could be a mistaken impression. I'm not going to link to their website because I'm not convinced it's safe. You can google it at your own risk.
Regardless, I have to say that, legitimate or not, it still behaves like malware. It will try to download itself without your knowledge and against your will; it will try to install itself without your knowledge and against your will; it runs mysterious processes in the background even when you don't install it, and throws up pop ups in the Finder and in browsers demanding that you install, sign up for things, etc. It resists attempts to uninstall it.
Anyway, it may or may not be legitimate, I guess, but I sure wouldn't risk it.
Posted by Dr. Frank at July 8, 2011 07:26 PM | TrackBackLegitimate or not, things like MacKeeper aren't even necessary. They exist because people remember needing tools like it on Windows, and assume they need something similar now that they have a Mac. They don't.
Posted by: Nate at July 8, 2011 09:54 PMYes its true that even what it purports to do is unnecessary. Even giving them the biggest benefit of the doubt there is, it is marketed and distributed in a sleazy and abusive way. Essentially it tricks people into installing it, then causes problems, which the company then charges them to "fix." That's really being generous with the term "legitimate" but it is seriously as legit as this thing ever seems to get.
The other version of it, characterized as "fake" but very hard to distinguish from the real one, is unequivocally an identity and credit card theft scam.
It really seems to me like the "legitimate" version and the "fake" version, to the degree that they are in fact different, are run by the same outfit as part of the same general scam.
If not, though, it's even weirder, because that means that the legitimate company, having been hijacked by a malware program that imitates it, decided it liked the malware's methods enough to to adopt them and use them itself.
Either way, the really bad thing about it is, even if you fully realize it is a useless and potentially dangerous thing you don't need or want on your computer, it can still manage to hijack your computer without your permission or even knowledge.
It's also funny that some of their scare pop-ups say "911 for your Mac!" They mean 911 as in the emergency numbers you dial, but the other meaning actually seems quite a bit more apt.
Posted by: Dr. Frank at July 8, 2011 11:05 PMI've seen the same thing in the PC world.
There's some real commercial non-malware PC antivirus software (whose name I don't recall exactly, but it was something like PC Doctor or Doctor Net or something similarly stupid).
And then someone made some malware just like the thing you describe, using the same name.
(Which is yet another reason to, on a PC, run only Microsoft Security Essentials, manually installed from MS's webpage and updated via Windows Update...)
Posted by: Sigivald at July 11, 2011 09:43 PMHello guys,
My name is Sana Paul and I'm Zeobit LLC PR Manager.
Dr. Frank, it's a pity you use unchecked information telling MacKeeper is a malware and is an analogue to MacDefender while in fact it's in the list of reputable malware scanners. I'm nearly sure it's a misunderstanding but you should've contacted Zeobit LLC - the developers of MacKeeper - to ask questions you are interested in.
So I would like to say a few words concerning this article. First of all, MacKeeper isn't the same as MacDefender.
Make sure in it reading this article at http://www.pcfixessupport.com/mac-keeper-removal-how-to-remove-mac-keeper-fake-program-without-formatting-my-macbook/
Pay attention to the subtitle of the article - (The Mac Keeper we are discussing here is a fake one, but there is a real MacKeeper which is a legit software developed by US company – ZeoBIT LLC., so please NOT to be confused with legit App: MacKeeper from ZeoBIT LLC. )
You can take a look at this CNet article - 'How to protect your Mac from recent malware' - http://reviews.cnet.com/8301-13727_7-20063683-263.html#ixzz1NvwWnfn5
Look for the reference of MacKeeper and there it is, in the list of reputable malware scanners along with Sophos Antivirus (Mac Home edition),
MacScan,Intego VirusBarrier, Kapersky,ClamXav etc.
To find out more about MacKeeper welcome to our official website mackeeper.com - take a look at our mediaroom - there you'll find numerous reviews from trustful Mac resources and the awards our app has ever received. You can also contact me at sana@zeobit.com - feel free to ask questions about our app.
So hope you will do it and will receive the proper understanding of what MacKeeper really is.
Best regards,
Sana Paul, Zeobit LLC PR Manager
Hello guys,
My name is Sana Paul and I'm Zeobit LLC PR Manager.
Dr. Frank, it's a pity you use unchecked information telling MacKeeper is a malware and is an analogue to MacDefender while in fact it's in the list of reputable malware scanners. I'm nearly sure it's a misunderstanding but you should've contacted Zeobit LLC - the developers of MacKeeper - to ask questions you are interested in.
So I would like to say a few words concerning this article. First of all, MacKeeper isn't the same as MacDefender.
Make sure in it reading this article at www.pcfixessupport.com/mac-keeper-removal-how-to-remove-mac-keeper-fake-program-without-formatting-my-macbook/
Pay attention to the subtitle of the article - (The Mac Keeper we are discussing here is a fake one, but there is a real MacKeeper which is a legit software developed by US company – ZeoBIT LLC., so please NOT to be confused with legit App: MacKeeper from ZeoBIT LLC. )
You can take a look at this CNet article - 'How to protect your Mac from recent malware' - http://reviews.cnet.com/8301-13727_7-20063683-263.html#ixzz1NvwWnfn5
Look for the reference of MacKeeper and there it is, in the list of reputable malware scanners along with Sophos Antivirus (Mac Home edition),
MacScan,Intego VirusBarrier, Kapersky,ClamXav etc.
To find out more about MacKeeper welcome to our official website mackeeper.com - take a look at our mediaroom - there you'll find numerous reviews from trustful Mac resources and the awards our app has ever received. You can also contact me at sana@zeobit.com - feel free to ask questions about our app.
So hope you will do it and will receive the proper understanding of what MacKeeper really is.
Best regards,
Sana Paul, Zeobit LLC PR Manager
Hello guys,
My name is Sana Paul and I'm Zeobit LLC PR Manager.
Dr. Frank, it's a pity you use unchecked information telling MacKeeper is a malware and is an analogue to MacDefender while in fact it's in the list of reputable malware scanners. I'm nearly sure it's a misunderstanding but you should've contacted Zeobit LLC - the developers of MacKeeper - to ask questions you are interested in.
So I would like to say a few words concerning this article. First of all, MacKeeper isn't the same as MacDefender.
Make sure in it reading this article at pcfixessupport.com entitled Mac keeper removal - how to remove mac keeper fake program without formatting my macbook
Pay attention to the subtitle of the article - (The Mac Keeper we are discussing here is a fake one, but there is a real MacKeeper which is a legit software developed by US company – ZeoBIT LLC., so please NOT to be confused with legit App: MacKeeper from ZeoBIT LLC. )
You can take a look at this CNet article - 'How to protect your Mac from recent malware'
Look for the reference of MacKeeper and there it is, in the list of reputable malware scanners along with Sophos Antivirus (Mac Home edition),
MacScan,Intego VirusBarrier, Kapersky,ClamXav etc.
To find out more about MacKeeper welcome to our official website mackeeper dot com - take a look at our mediaroom - there you'll find numerous reviews from trustful Mac resources and the awards our app has ever received. You can also contact me at sana at zeobit dot com - feel free to ask questions about our app.
So hope you will do it and will receive the proper understanding of what MacKeeper really is.
Best regards,
Sana Paul, Zeobit LLC PR Manager
Hello guys,
My name is Sana Paul and I'm Zeobit LLC PR Manager.
Dr. Frank, it's a pity you use unchecked information telling MacKeeper is a malware and is an analogue to MacDefender while in fact it's in the list of reputable malware scanners. I'm nearly sure it's a misunderstanding but you should've contacted Zeobit LLC - the developers of MacKeeper - to ask questions you are interested in.
So I would like to say a few words concerning this article. First of all, MacKeeper isn't the same as MacDefender.
Make sure in it reading this article at pcfixessupport dot com entitled 'Mac keeper removal - how to remove mac keeper fake program without formatting my macbook'
Pay attention to the subtitle of the article - (The Mac Keeper we are discussing here is a fake one, but there is a real MacKeeper which is a legit software developed by US company – ZeoBIT LLC., so please NOT to be confused with legit App: MacKeeper from ZeoBIT LLC. )
You can take a look at this CNet article - 'How to protect your Mac from recent malware'
Look for the reference of MacKeeper and there it is, in the list of reputable malware scanners along with Sophos Antivirus (Mac Home edition),
MacScan,Intego VirusBarrier, Kapersky,ClamXav etc.
To find out more about MacKeeper welcome to our official website mackeeper dot com - take a look at our mediaroom - there you'll find numerous reviews from trustful Mac resources and the awards our app has ever received. You can also contact me at sana at zeobit dot com - feel free to ask questions about our app.
So hope you will do it and will receive the proper understanding of what MacKeeper really is.
Best regards,
Sana Paul, Zeobit LLC PR Manager
Posted by: Sana Paul at July 12, 2011 01:26 PMHello guys,
My name is Sana Paul and I'm Zeobit LLC PR Manager.
Dr. Frank, it's a pity you use unchecked information telling MacKeeper is a malware and is an analogue to MacDefender while in fact it's in the list of reputable malware scanners. I'm nearly sure it's a misunderstanding but you should've contacted Zeobit LLC - the developers of MacKeeper - to ask questions you are interested in.
So I would like to say a few words concerning this article. First of all, MacKeeper isn't the same as MacDefender.
Make sure in it reading this article at pcfixessupport entitled Mac keeper removal - how to remove mac keeper fake program without formatting my macbook
Pay attention to the subtitle of the article - (The Mac Keeper we are discussing here is a fake one, but there is a real MacKeeper which is a legit software developed by US company – ZeoBIT LLC., so please NOT to be confused with legit App: MacKeeper from ZeoBIT LLC. )
You can take a look at this CNet article - 'How to protect your Mac from recent malware'
Look for the reference of MacKeeper and there it is, in the list of reputable malware scanners along with Sophos Antivirus (Mac Home edition),
MacScan,Intego VirusBarrier, Kapersky,ClamXav etc.
To find out more about MacKeeper welcome to our official website mackeeper dot com - take a look at our mediaroom - there you'll find numerous reviews from trustful Mac resources and the awards our app has ever received. You can also contact me at sana at zeobit dot com - feel free to ask questions about our app.
So hope you will do it and will receive the proper understanding of what MacKeeper really is.
Best regards,
Sana Paul, Zeobit LLC PR Manager
Posted by: Sana Paul at July 12, 2011 01:37 PMThanks for weighing in (five times), Sana Paul. I did include that link that indicates that there's a "fake MacKeeper" in the update. As I said, I'm confused about this whole thing.
I'm willing to believe there's a legitimate application in there somewhere. But it is still pretty puzzling that, if so, the legitimate application seems to spread itself using the same methods and exploits that the malware does. Even your PR outreach, as we see it on this blog and on lots of other internet sites, seems a little strange. Why post the same thing five times?
I'm also still puzzled by the fact that the MacKeeper website provides no information about the malware. I would guess that quite a few people visit the site with that question. Rather than including detailed information to reassure people that your app isn't dangerous and to help protect themselves from the dangerous mimicking malware, the website ignores it completely. Instead, you seem to have a team of PR people who spam comments when anyone expresses confusion or complains about it. Bad (and, suspicious-looking) strategy.
I have nothing against you or your product, if it is indeed legitimate. However, you have a much bigger PR problem than people expressing confusion on their blogs. Anyone who has been targeted by that malware (and it is a lot of people) react to that robot with terror. Can you blame us?
it doesn't help that it is so difficult to spot the difference between the behavior of the malware and the legitimate app, if such it is.
Posted by: Dr. Frank at July 12, 2011 07:44 PM