Man Charged Over Super Creepy Apple Mac Spyware That Snooped On Victims Via Webcams
Posted on 01/11/2018 2:11:23 AM PST by Swordmaker
Earlier this year Forbes reported on an especially creepy strain of malware known as FruitFly targeting Apple Macs. At the time, it was unclear just what the spy tool was for, though it appeared to be used for surveilling people's personal Macs, in particular peeping at them through their webcam.
Now the U.S. Department of Justice has unveiled an indictment against 28-year-old North Royalton, Ohio, resident Phillip Durachinsky, who is not only accused of spying on Apple Mac owners via Fruitfly but also of producing child pornography. Prosecutors alleged Durachinsky had been installing spyware on people's PCs for more than 13 years "in order to watch, listen to and obtain personal data from unknowing victims."
Whilst his malicious tools found their way into individuals' computers, they also infiltrated PCs at companies, schools, a police department and the government, including a body owned by a subsidiary of the U.S. Department of Energy, according to the charges. FruitFly was capable of stealing files, pilfering passwords, as well as turning on the microphone and the camera. Thousands of PCs were infected, prosecutors said.
(Excerpt) Read more at forbes.com ...
Note, FRUITFLY was spread by two vectors: (1) a Trojan horse program using social engineering to get the user to download it and install it himself usually disguised as some useful utility or game, and (2) physical access to the target computer where the bad guy installs it.
As reported back in January 2017 when first identified, on Macs, FruitFly was found in very limited locations mostly related to biological research. Very few FruitFly malware were ever found in Macs belonging to private individuals or schools, etc., although there were some, but even then they were peripherally related to employees and families of the primary locations. FruitFly seemed to be very targeted to research in biochemical, genetics, and pharmaceuticals, hence the name "FruitFly."
Once FruitFly was discovered and its signature was identified, FruitFly was added to the library of malware that Apple's MacOS built-in anti-malware protections will identify and warn the user about before it can be downloaded, installed, or run, requiring an administrator's name and password to continue with each of those steps. It takes an industrial strength stupid user to get infected with such a malware; the user has to not only ignore the clear warnings alerting him he is going to be infecting his computer with malware, he has to ACTIVELY ALLOW IT BY GIVING AN ADMINISTRATOR'S NAME AND PASSWORD THREE TIMES!
Incidentally, all records indicate there have been approximately 400 Macs hit by FruitFly. . . at least that was the number that Malwarebytes found reporting to the FruitFly home server this guy had set up. Most of these were in the US. He later abandoned that server and Malwarebytes could see no evidence of efforts of the FruitFly creator to monetize the malware. For example no advertising, hijacking, or ransomware were installed on the targeted computers. It was theorized industrial espionage and/or perverse spying were possible motives by a single individual.
The article mentions “thousands” of computers, but that has not been reported in the tech Press as far as Macs are concerned. I'm wondering since they've gone back further and are now reporting the Windows PC involvement if the discrepancy has to do with those machines?
Thanks for the heads up!
Tape over the camera here...
Meanwhile, another GOP governor bites the dust:
“Tape over the camera here...”..
The only foolproof defense is your nifty Intel inside sticker or electric tape over the lens.
I have an old Mac webcam for an old Mac monitor, you rotate the lens and a cover closes over the lens. Ahead of its time. Too bad they don't build sliding covers into monitors that will allow you to cover the lens. As for us, we use post-it notes pasted over the lens, remove it as needed for video chats.