Have you heard of Fruitfly, a near-undetectable Mac backdoor Malware?

24 Jul

Even six months after it was discovered, the first Mac malware of the year is still causing a giant headache.

According to ZDNet, the recently discovered Fruitfly malware is a stealthy but highly invasive malware for Macs that went undetected for years. The controller of the malware has the capability to remotely take complete control of an infected computer — files, webcam, screen, and keyboard and mouse.

But despite its recent discovery, little is still known about the malware.

Apple released security patches for Fruitfly earlier this year, but variants of the malware have since emerged. The core of the malware is an obfuscated Perl script using antiquated code, with indicators in the code that suggest the malware may go back almost half a decade or more, the security firm said. Nevertheless, the malware still works well on modern versions of macOS, including Yosemite. Fruitfly connects and communicates with a command and control server, where an attacker can remotely spy on and control an infected Mac.

But what it does, and why, aren’t widely known.

“It’s not the most sophisticated Mac malware,” said Wardle in a Signal call last week, but he described it as “feature complete.” Like others, he wasn’t sure what the malware did exactly at first glance.

He found that he could take complete control of an infected Mac, including its keyboard and mouse, take screenshots of the display, remotely switch on the webcam, and modify files. The malware can also run commands in the background, and even kill the malware’s process altogether — likely in an effort to avoid detection.
