Your Mac000 Archivesnot safe. Well, at least not as safe as you think it is.
That's the big takeaway following the detailed investigation of a particularly insidious strain of Apple-focused malware that has potentially been around for up to a decade — all the while broadcasting video and audio from victims' computers back to an unknown attacker.
SEE ALSO: Remotely hacking ships shouldn't be this easy, and yet ...The malware, dubbed Fruitfly, was first reported on in January by Malwarebytes. However, it was Synack Chief Security Researcher Patrick Wardle who blew the lid off Fruitfly's true nature on July 21.
"[A] hacker built this to spy on users for probably perverse reasons."
In a conversation with Mashable, Wardle explained that he was sent the malicious software by a friend earlier this year, and that he found it interesting enough to investigate. That investigation led to some unexpected places.
Wardle discovered that the malware directed infected computers to contact a command and control server for instructions — known as "tasking" — but that the primary server was offline. As such, he realized the computers would look for specific backup domains for their directions. It just so happened that "one or two" of those domains were available for registration.
So he registered one, and created a server that could talk to the malware. What he found, well, is pretty damn creepy.
First, Fruitfly gave him both the infected computers' IP addresses — which can be used to determine their locations — and the computers' names. With most Macs, the computer name is just the owner's name.
So, for starters, Wardle was sitting on the names and locations of many of the victims. But that's not all. The malware gave him the power to remotely switch on webcams and microphones, take control of mice, change files, and would even notify him if the computer was in use by its owner.
This Tweet is currently unavailable. It might be loading or has been removed.
"Usually you see that in government or nation-state software," Wardle, who used to work for the NSA, observed.
But the victims weren't nation-state actors — they were regular people. Strangely, however, the system didn't seem designed for financial gain as is more typical of malware infecting the devices of everyday folks. Instead, it appeared to have a completely different objective.
"[A] hacker built this to spy on users for probably perverse reasons," explained Wardle, emphasizing that it was "designed to performance surveillance."
Approximately 90 percent of the infected computers are located in the U.S., with Wardle identifying around 400 compromised devices. He cautioned that those are just the infected systems he found, and that the total could be in the low thousands. Why so low? He speculated two reasons: To keep things manageable for the aforementioned creep, and to avoid detection.
Speaking of detection, how did this thing go undiscovered for so long? Well, according to Wardle, a lot of that has to do with Macs.
"Mac security software is not that good," he notedbefore elaborating that while Macs are good at detecting known threats, they are not that good at identifying new threats. Which, well, is a not-so-gentle reminder that even Mac users should get webcam covers. What's more, Wardle added that Macs are actually easier to hack than recent versions of Windows — a statement which is sure to not win him any love in the Apple community.
Wardle contacted law enforcement with his findings, and he says the entire Fruitfly malware net appears to be shut down at this time. And while that is good news for the 400 victims he identified, the findings suggest that a host of Mac-focused malware may already be out there under all of our noses. All someone needs to do is look for it.
Topics Apple Cybersecurity
Super Bowl LIX livestream: Watch Eagles vs Chiefs on Tubi
Best Black Friday Garmin deal: Save $100 on the Garmin Forerunner 965
Best Black Friday robot vacuum deals: Top vacs from iRobot, Roborock, and Shark at record
Best iPad deals ahead of Black Friday 2024: iPad mini, Air, and Pro deals
Trump says he represents Pittsburgh, not Paris, but, um, well...
Threads might adopt Bluesky’s starter packs
OpenAI Sora leak: What it was and what it wasn’t.
![Early Black Friday security camera deals [2024]](https://helios-i.mashable.com/imagery/articles/02FfTWoiXlhCgjvVAZ4rTIb/images-1.fit_lim.size_133x133.v1732789351.png)
Early Black Friday security camera deals [2024]
Even Trump's Earth Day message was anti
NYT Strands hints, answers for November 28
Best air purifier deal: Save $300 on the Dyson HEPA Big + Quiet air purifier
NASA's testing a futuristic plane. You might fly on it.
Early Black Friday AirPods deals: Max and Pro models are already discounted
Black Friday Samsung Galaxy phone deals: Save up to 31% on S24 Ultra, Z Fold 6, and more
Touring Logitech's Audio HQ
The best early Black Friday deals to shop on Thanksgiving
Beats Studio Pro Black Friday deal: Save 54% at Amazon, Best Buy, and Target
Black Friday Samsung Galaxy phone deals: Save up to 31% on S24 Ultra, Z Fold 6, and more
E3 2017 Trailer Roundup: Upcoming PC Games
25+ best Black Friday beauty tech deals: Dyson, T3, Solawave
Best Amazon deal: Save $90 on the solarBest Samsung Galaxy Watch Ultra deal: Save $160 at AmazonSpotify Wrapped 2024 is here: How to get yoursBest Cyber Monday robot vacuum deals at Amazon: Roombas and Roborocks still at recordIs Spotify Wrapped underwhelming this year? The internet thinks so.Best streaming deal still live: Get Paramount+ with Showtime for $2.99/monthIs Spotify Wrapped underwhelming this year? The internet thinks so.Spotify Wrapped 2024 reveals its global top author, most popular audiobooksBest PlayStation VR2 deal: Save $250.99 on the 'Horizon Call of The Mountain' bundleBest Cyber Monday gaming laptop deals at Amazon: Save up to $600 while deals lastBest TV deal: Save $600 on the 65Threads is upgrading its search tools as Bluesky competition heats upBest Bose QuietComfort earbuds deal: Save $50 at AmazonBest MoviePass deal: Get a year of MoviePass for 25% off, or a month for 50% offBest Cyber Monday robot vacuum deal still live: Roborock Qrevo Master under $900 at AmazonSouthampton vs. Chelsea 2024 livestream: Watch Premier League for freeThe best Netflix movies of 2024 now streamingThe best Cyber Monday Samsung Galaxy deals at Amazon: Phones, watches, earbuds, tabletsSpotify Wrapped 2024 date: When it comes out, how to view yoursSouthampton vs. Chelsea 2024 livestream: Watch Premier League for free Remembering Irony’s Awkward In Introducing Thomas David, Our New Writer The Golden Ratio—Not Always a Thing of Beauty And What Is So Rare as a Day in June? A Brief History of Ultramarine—The World’s Costliest Color Václav Havel: Outtakes from an Interview by Adam Thirlwell Staff Picks: Mantel, Kleeman, Burchfield Introducing Our New Summer Issue It's Dante's Birthday, Maybe ... Should Ovid Come With a Trigger Warning? The NYPL’s Librarians Use to Field All Kinds of Questions “Holiday in the Protectorate” and the Ethics of Role “Hw r u ts mng?” Telegraphy Abbreviations from 1901 Watch: Orson Welles on His Friendship with Ernest Hemingway Are Machines Changing Translation from an Art to a Science? Where We Live: David Graham’s Photos of American Homes In Search of a Peacemaking Pineapple On Stevie Wonder’s “Living for the City” and the NYC Skyline Today in Found Poetry: Sally Quinn, Underlined Sadie Stein’s Wine Cake Recipe
1.6066s , 8227.734375 kb
Copyright © 2025 Powered by 【2000 Archives】,Steady Information Network