A new highly-invasive malware has been lurking out in the wild for years now. Here’s what you need to know about it and how you can protect yourself.
Table of Contents
Patrick Wardle identifies a new variant of Fruitfly
Patrick Wardle, director of research at Synack, has identified a powerful new variant of the Fruitfly malware for macOS. This malware has apparently stayed completely undetected for around 5-10 years.
During source code analysis, Wardle found several domain names the malware connects to.
After registering one of those domains, the security researcher detected around 400 infected Macs, most of which were located in residential buildings in the US.
Here’s image of him analyzing the infected hosts and their IP Addresses.
Wrote C&C server to analyze🍎-virus for @BlackHatEvents/@defcon talk. Took over a C&C addr & 100s 🤒💻 (90% in 🇺🇸): ‘hi, task us’👮now involved😱 pic.twitter.com/DxS1y8KYZB
— patrick wardle (@patrickwardle) July 21, 2017
The security researcher will delve deeper into the malware and its working at the BlackHat security conference in Las Vegas.
What is FruitFly?
Fruitfly is a malware designed to infect macOS. Here are the actions it can perform without your knowledge –
- Control your webcam and record everything
- Record keystrokes
- Take screenshots
According to Wardle, there is currently no evidence that Fruitfly steals sensitive financial data. It does not spy on your bank details or demands a ransom. The spyware is purportedly designed for corporate espionage and targets biomedical research facilities.
This indicates that it is designed for corporate espionage and targeting biomedical research facilities.
According to Patrick Wardle, its original command-and-control server in no longer operational. This clearly indicates the malware is no longer in use by its developer.
Thankfully, the domains it connects to are also no longer accessible rendering the malware useless.
How to Patch Fruitfly Malware on macOS
The only way to stay safe is to keep your operating system up to date. To upgrade, simply go to App Store > Updates > Update All.
Always stay updated and use reputed antivirus software such as BitDefender or ESET Smart Security.
How this malicious program emerged still remains unclear. A Fruitfly version found in January this year was very primitive and was targeted at Mac OS X.
Moreover, it’s still unknown how it enters the system – through a security vulnerability or a social engineering maneuver.
For more security updates, like and follow us on Facebook and Twitter.