Security experts have recently discovered a previously unknown Mac-based spy malware that preys on outdated coding practices to launch real-world attacks on computers in the biomedical research industry.
The unsophisticated and out-of-date code has remained undetected for years on macOS systems. The malware has been labelled Fruitfly and it was first discovered as ‘OSX.Backdoor.Quimitchin’. An IT administrator working for information security firm Malwarebytes was alerted to the malware due to unusual outgoing activity sourced from a Mac computer.
The First Malware of 2017
Researchers are labelling Fruitfly the first Mac malware of 2017. Fruitfly is said to contain code dating back to OS X and it has been conducting surveillance on targeted networks for over two years. Fruitfly uses a hidden Perl script which communicates with command and control servers. Disturbingly for targeted biomed companies, Fruitfly can capture webcam images and screenshots, grab system uptime, and move and click the mouse cursor.
Fruitfly’s reach can extend to other devices on the same network as the infected Mac, as it attempts to connect to these as well. Fruitfly uses a secondary script along with a Java class to conceal its icon from displaying in the macOS Dock. It’s still unknown how the malware was distributed and how it infected the Macs.
Code Dating from 1998
Researchers have found that the malware’s code pre-dates Apple’s OS X and that it relies on “libjpeg” code, used for handling JPEG-formatted image files, which was last updated almost 20 years ago in 1998.
How Has it Gone Undetected for so Long?
In a blog post, Malwarebytes’ Thomas Reed speculated that Fruitfly has been used selectively in very tightly targeted attacks, which has limited its exposure. International espionage is a buzz topic right now and the nature of this form of attack is a hallmark of past Russian and Chinese attacks aimed at US and European scientific research.
Really nice and useful article. Thanks for sharing this with all of us!!! 😀
Malware can be a great cause for losing important documents or files to Hackers. Your article says it all. Thanks for sharing recent incident. Keep posting.
Just enjoyed the concept of Spying Malware Detected in Biomedical Company. It truly gives so many ideas about spying detection.
Great article, nowadays spying is a global problem!
Very interesting and useful article. Thank you for sharing. Well done! Greetings
This was a very interesting article, very useful information.
I am always interested in this type of topic about malwares and viruses. Interesting topic..
So nice article, I hope you will continue to write about this in future 🙂
Hmm, nice article guys, good and useful information. Keep up with this good work.
shimonsheves is a very good writer and I read all his posts. From this post I know about unknown Mac-based spy malware which is a very important thing. I always think about my MAC to keep it safe. So this post helps me a lot. Thank you.
Very interesting article. Thanks for sharing.