
Fruitfly malware is still a threat to unprotected Macs

By Cal Jeffrey · 7 replies
Jul 24, 2017
  1. While Macs don’t get hit by malware as often as Windows, it still happens now and then. When it does, it can be just as threatening. The Fruitfly malware discovered earlier this year is a perfect example, and security researchers are saying that it is still a threat despite Apple having issued a patch.

    The malware, dubbed Fruitfly by Apple but detected as OSX.Backdoor.Quimitchin by Malwarebytes, is a nasty backdoor into OS X discovered back in January. Malwarebytes was alerted to it by a system admin who discovered it when he noticed unusual outgoing network traffic. Researchers studying the malicious software found that it had mostly been aimed at biomedical research centers.

    Malwarebytes informed Apple of the security threat and a patch was pushed out to protect against it. However, ZDNet reports that six months later, Macs are still turning up infected. Synack’s Chief Security Researcher Patrick Wardle says that the malware is not as widespread, but it's still out there despite the patch. The malware is feature complete and capable of taking over the computer entirely.

    “[An operator] could take complete control of an infected Mac, including its keyboard and mouse, take screenshots of the display, remotely switch on the webcam, and modify files. The malware can also run commands in the background, and even kill the malware's process altogether -- likely in an effort to avoid detection.”

    Wardle created a command and control (C&C) server that could connect and communicate with a sample of Fruitfly in his lab. He discovered that not only could he take over the infected computer, but the software also alerted him if the victim was active, a sort of stealth warning system. It also had a kill switch that could end the application's process to avoid detection.

    He tested his C&C scripts with online servers and was shocked when he began getting information on numerous infected computers connecting to the servers. “I thought -- 'f**k!' -- I have to be responsible here,” he said. Aside from the C&C capabilities, he was able to see each user’s IP address, user name, and computer name, which he said was typically the full name of the user.

    Ninety percent of the users that connected to the C&C servers were located in the US, and most were individual users rather than groups such as companies or research firms as the early reports had indicated. Wardle believes that the malware is not state-controlled, but rather is operated by a single hacker to spy on people for “perverse reasons.”

    The malware is probably delivered through a malicious email attachment. It goes without saying, never open an email that you aren’t expecting.

  2. SirChocula

    SirChocula TS Maniac Posts: 174   +183

    Obviously a bunch of lies from the Windows fanboys, Macs don't get malware or viruses!
     
    Kibaruk likes this.
  3. GreenNova343

    GreenNova343 TS Maniac Posts: 317   +209

    I think you forgot the "j/k" or "/sarcasm" tag there...
     
  4. Uncle Al

    Uncle Al TS Evangelist Posts: 4,418   +2,879

    He must be using a LISA ....... LOL
     
    Whitefyre likes this.
  5. Kibaruk

    Kibaruk TechSpot Paladin Posts: 3,610   +1,097

    That one was too obvious. Here Chocula, have my like.
     
    SirChocula likes this.
  6. jobeard

    jobeard TS Ambassador Posts: 12,350   +1,386

    ANY system can be attacked if the attacker has sufficient motivation and skill. Mac (I just love'm) have been immune only because the PC market is so much larger a Mac virus has a low return for the effort. iOS 10.3.3 was an update specifically to close an attack vector on cellphones and iPads, so Apple knows the truth and did something about it.

    Amazingly low quality rumor mill here on TS.
     
  7. That Other Guy

    That Other Guy TS Enthusiast Posts: 47   +25

    Ye gotta give it to us that deal with Microsoft. We get everything thrown at us and the kitchen sink. Tis nice when the Mac crowd gets a taste, we don't feel as lonely. It's a hard burden to get all the software we want and then the software we don't want.
     
  8. SirChocula

    SirChocula TS Maniac Posts: 174   +183

    Lol oh green, my sweet sweet summer child. The "Mac get no virus" posts have been around for years, it was obv sarcasm.
     
