
Creepy spyware has infected Macs for years, and we're only just realizing it now


Your Mac is not safe. Well, at least not as safe as you think it is. That's the big takeaway following the detailed investigation of a particularly insidious strain of Apple-focused malware that has potentially been around for up to a decade -- all the while broadcasting video and audio from victims' computers back to an unknown attacker. The malware, dubbed Fruitfly, was first reported on in January by Malwarebytes. However, it was Synack Chief Security Researcher Patrick Wardle who blew the lid off Fruitfly's true nature on July 21.

Mac Fruitfly Malware: Security Researcher Reveals Attack Can Spy On Victims

International Business Times

A security researcher has unveiled new discoveries about Fruitfly, a dangerous macOS malware that has been shrouded in mystery since its discovery earlier this year. Patrick Wardle, the chief security researcher at security firm Synack and a former NSA hacker, took interest in Fruitfly. To learn more about the malware that has befuddled security experts since its discovery, Wardle--who is scheduled to speak about the malware at the Black Hat conference in Las Vegas--decided to interact with the malware directly. According to ZDNet, Wardle built a command and control server to interact with a sample of the Fruitfly malware. Doing so allowed the researcher to remotely communicate with the malicious software the same way an attacker would.

Fruitfly Malware Creator Arrested, Charged With Spying

International Business Times

Phillip R. Durachinsky, a 28-year-old from North Royalton, Ohio, has been charged with using malicious computer software to steal information and spy on thousands of victims over the course of 13 years.

Mughthesec Adware: MacOS Attack Bypasses Gatekeeper Protections

International Business Times

Security researchers have discovered an old version of Mac malware that has reappeared in the wild and managed to hijack Mac machines to generate profit for attackers. The attack, dubbed Mughthesec, appears to be a modified strain of a known adware attack called OperatorMac. However, the new version presents an evolved threat for Mac users, as the adware has found a way to appear as a legitimate application and bypass Apple's built-in security systems. Mughthesec masquerades as an Adobe Flash installer--a common disguise for malicious programs--and installs itself on a victim's device if they agree to install the illegitimate Flash update. Once Mughthesec makes its way onto the victim's machine, it begins to seek permission to download other programs.

Ohio Man Charged With Putting Spyware On Thousands of Computers

NPR Technology

In a federal indictment, Phillip Durachinsky faces numerous charges including installing malware on thousands of computers and the production of child pornography.