Your Mac is not safe. Well, at least not as safe as you think it is. That's the big takeaway following the detailed investigation of a particularly insidious strain of Apple-focused malware that has potentially been around for up to a decade -- all the while broadcasting video and audio from victims' computers back to an unknown attacker. The malware, dubbed Fruitfly, was first reported on in January by Malwarebytes. However, it was Synack Chief Security Researcher Patrick Wardle who blew the lid off Fruitfly's true nature on July 21.
A security researcher has unveiled new discoveries about Fruitfly, a dangerous macOS malware that has been shrouded in mystery since its discovery earlier this year. Patrick Wardle, the chief security researcher at security firm Synack and a former NSA hacker, took interest in Fruitfly. To learn more about the malware that has befuddled security experts since its discovery, Wardle--who is scheduled to speak about the malware at the Black Hat conference in Las Vegas--decided to interact with the malware directly. According to ZDNet, Wardle built a command and control server to interact with a sample of the Fruitfly malware. Doing so allowed the researcher to remotely communicate with the malicious software the same way an attacker would.
Security researchers have discovered an old version of Mac malware that has reappeared in the wild and managed to hijack Mac machines to generate profit for attackers. The attack, dubbed Mughthesec, appears to be a modified strain of a known adware attack called OperatorMac. However, the new version presents an evolved threat for Mac users, as the adware has found a way to appear as a legitimate application and bypass Apple's built-in security systems. Mughthesec masquerades as an Adobe Flash installer--a common disguise for malicious programs--and installs itself on a victim's device if they agree to install the illegitimate Flash update. Once Mughthesec makes its way onto the victim's machine, it begins to seek permission to download other programs.