MacKeeper is a program that's been infamous among Mac users for many years. It isn't malware by most definitions, but the makers have been known to use all sorts of marketing tricks to get the software inside your Mac, from which it is inordinately hard to dislodge (as you'll see in our lengthy tutorial explaining how to uninstall MacKeeper).
It purports to be a program that cleans and keeps order in your Mac, and a few users have told us that they find it useful. But they are very much in the minority: the free version used to show messages about various security flaws that the paid-for version would remedy but which, users allege, simply do not exist. It has therefore been widely referred to as spam and even "scamware".
Now Thomas Reed, head of Mac and mobile development at antivirus developer Malwarebytes, has discovered that the latest version of MacKeeper uses a system extension that has been approved by Apple. And he does not mince his words:
What the hell, Apple? You won't give me and other security researchers the EndpointSecurity entitlement, but you give f***ing MacKeeper the entitlement?!?! What in the hell is wrong with you? 🤬🤬🤬 pic.twitter.com/RwkD9PLkSH— Thomas Reed (@thomasareed) November 23, 2020
Specifically, Apple has given MacKeeper's developer certificates the right to sign applications that use the Endpoint Security framework used by antivirus software, for example.
MacKeeper was sold in 2019 to the company Clario, which has tried to get away from its former image as a spam program, but it has a lot to prove before our recommendation becomes anything other than avoiding the program.
For advice on keeping your machine, read our Mac security tips.
This article originally appeared on Macworld Sweden. Translation by David Price.