According to the new 2022 Global Threat Report from Elastic Security Labs, 48% of all macOS malware comes from a single application.

MacKeeper , a deviMacKeeperce protection and performance app, delivers 48% of malware that targets macOS to Apple computers, according to Elastic Security Labs researchers .

According to experts, this application can be misused by cybercriminals because it has extensive permissions and access to processes and files.

In second place is the XCSSET malware , which uses vulnerabilities in the Safari browser to:

  • collect confidential data.
  • discreetly take screenshots.
  • remotely access the microphone and webcam.
  • install ransomware.

Third place went to Adload malware , which hijacks victims’ browsers and redirects them to malicious sites with a dubious reputation.

The experts were unable to examine these families of malware in detail, but did point out that MacKeeper is notoriously difficult to remove. Removal in the standard way does not get rid of malware, and to fully remove it, you will have to use the instructions of “advanced users”.

MacKeeper already gained attention in 2015 when a flaw in the app compromised the data of 13 million users . According to Kromtech (the developer of the application), the company is not interested in the confidential information of customers. The list of data stored by the manufacturer includes the name of the customer, the names of the products ordered, the public IP address, and the password hashes for the administrator account.