Another strain of Mac malware has spread around the internet. It has been quietly circulating, running in the computer’s background processes and spying on users via the computer’s camera while also capturing screenshots and logging keystrokes.
Malwarebytes discovered the malware strain earlier this year. However, there is another one out there, named Fruitfly 2, which has appeared recently.
Patrick Wardle of Synack found 400 computers infected with the new strain and believes there are more cases out there in the wild.
As of now, it is unclear how long it has been infecting computers around the world. One thing is certain: the source code was modified to work on the Mac Yosemite OS, which was released in October 2014, which indicates that the malware existed before that time.
Up to now, it is unknown who is behind all of this or how it has gotten into the computers.
The first version of Fruitfly, according to Thomas Reed of Malwarebytes, is “unlike anything he has seen before.”
According to him, there are multiple strains of Fruitfly that use the same set of spying algorithms, but the code is different for each strain.
They have been analyzing strains for a while. Wardle decrypted parts of the code and set up a server to intercept traffic from infected computers.
Once he had set up this server, a couple hundred victims infected with this malware started to connect to it. Approximately 400 computer names and IP addresses connected to it.
This can only be a small fraction of the total number of users who are compromised.
This latest discovery of the Fruitfly variant reminds us that Mac computers are not completely malware proof. Mac malware exists, though it seems to be less widespread than Windows malware.
Mac users are overconfident that their computers will not be compromised, and they do not seem to be as careful and paranoid as Windows users in how they use the internet and open attachments, a mentality common among Mac computer users.
Apple, the tech giant, did not issue a press statement or release any information on its website.
There has been increased activity with malware infecting Mac computers. According to McAfee, Mac malware skyrocketed in 2016, but it was mostly adware or plain advertising. Now, however, it is being used in a targeted campaign to spy on users.
The FBI and other national law enforcement agencies have been alerted. The FBI neither confirms nor denies the existence of any investigation.
As far as researchers know, it is unclear whether it was a targeted attack or a random one.
Wardle, a former NSA analyst, has ruled out the possibility of a nation-state hacker targeting users to intercept data for cyber-espionage. He also doesn’t believe it’s a criminal using people’s data to make money.
According to Wardle, “I believe its goals were a lot more insidious and sick: spying on people.”