In January this year, a dangerous surveillance malware was found targeting Mac and Linux devices – The malware was discovered by Thomas Reed, an IT security researcher at Malwarebytes who called it Quimitchin while Apple Inc., labeled it as Fruitfly malware.
The main purpose of infecting Macs with Fruitfly was to perform spying operations, and biomedical research institutes were its main targets. When a Mac is infected with Fruitfly, it acquires information from local networks and all the devices that were connected with it.
The malware is quite sophisticated since it can compromise the webcam of Mac machine, capture screenshots, simulate key presses and mouse clicks. It also provides an attacker the remote control of a targeted device.
To tackle the threat, Apple released an update for Mac devices, and the situation was under control. However, now, Patrick Wardle, an ex-NSA analyst and currently Director of Research at cybersecurity firm Synack has found Fruitfly’s variant targeting Mac users in the United States.
Wrote C&C server to analyze🍎-virus for @BlackHatEvents/@defcon talk. Took over a C&C addr & 100s 🤒💻 (90% in 🇺🇸): ‘hi, task us’👮now involved😱 pic.twitter.com/DxS1y8KYZB
— patrick wardle (@patrickwardle) July 21, 2017
Wardle, who will demonstrate his findings at the Black Hat conference in Las Vegas on Wednesday 26th says he identified 400 infections in the United States, but there can be more since he has access to limited servers infected and controlled by the malware.
Quimitchin #Malware Targeting #Mac Users also Compatible with #Linux | https://t.co/ytphtziJwT #Security #Apple pic.twitter.com/bdMQIF7g2t
— Hackread.com (@HackRead) January 19, 2017
Wardle told Forbes that he discovered the variant by registering one of the domains the cyber criminals were planning to use in case the main server controlling the malware goes offline. Lucky for Wardle the attackers didn’t register the domain.
Upon analyzing the domain, Wardle found 90 percent of IP address along with the names of infected Mac devices belonging to victims in the United States. Most of the targeted users were individuals but in some cases, the devices belonged to colleges.
Wardle has now handed over his findings to the law enforcement authorities for further investigations. As for himself, he’s gearing up for a presentation for the upcoming Black Hat Conference.
It is still unclear who are the creators of this malware and what are their aims with its variant. But we have compiled a list of 11 easy tips to secure your Mac against hackers. Stay safe online.