Fruitfly Malware Swarms MacOS Users

    #129181

    Bugging Out: Fruitfly Malware Swarms MacOS Users
    By Douglas Bonderud | July 25, 2017

     
    Back in January, a new piece of MacOS malware – dubbed Fruitfly – was found in the wild, infecting and compromising hundreds of devices over the last decade.

    While Apple released a patch for the strain found in January, version 2.0 of this bug continued to evade detection for another six months.

    …that 90 percent of the victims were in the U.S., with a larger concentration in Ohio. He believed that the malware is the work of a single cybercriminal, rather than a nation-state actor.

    Fruitfly malware seems to have naturally reached end of life. Still, two problems persist. First is overconfidence. While it’s unlikely that MacOS was compromised, many users remain convinced that Mac defenses will prevent any infection no matter how or where they surf the web.

    The second problem is the ability of this malware to fly under the radar for years, even as it took complete control of victims’ devices … its infection methods and abilities remain relative unknowns, meaning there’s plenty of room for new swarms to emerge and challenge MacOS security.

    Fruitfly is a reminder that MacOS isn’t infallible, and malware isn’t one-size-fits-all. Even ordinary users are now under threat from bothersome bugs.

     
    Read the full article here

    4 users thanked author for this post.
    • #129289

      Hi there! I am a Mac user (along with other Windows devices). El Capitan is my version.

      As I am a bit paranoid about security, I have an antivirus. Avast. Is there any way to know you are infected by this Fruitfly?

      I run Malwarebytes anti-malware every week and never got any threats. Only once, months ago, but Avast did its job.

      Thanks for clearing it up for me!

      • #129290

        @therese
        A link in the article referenced above is for objective-see.com, which has a range of free OS-X security tools; the one that is recommended is OverSight, to enable an alert to users when a webcam or mic is activated.
        The article also mentions BlockBlock, but I see this is still in beta. Its purpose: “BlockBlock continually monitors common persistence locations and displays an alert whenever a persistent component is added to the OS.”

      • #129291

        The recently discovered Fruitfly can have serious implications for your business.
        By Dakota McDonald | 7 August 2017

         
        The exact method that Fruitfly uses to infect machines is still unknown, but it involves tricking users into clicking on malicious links in fraudulent emails. While it’s true that the primary “command and control” server used by Fruitfly’s creator was shut down, there are potentially hundreds (if not thousands) of infected computers in use that still have the malware strain hidden inside.

        Due to the nebulous nature of Fruitfly, there aren’t specific steps that you can take to protect yourself, or remove an infection that’s already occurred. Security experts recommend that Mac users install a program like OverSight, a tool specifically designed to monitor the use of a computer’s microphone and webcam.

         
        Read the full article here

        • #329502

          So, “don’t click on links in emails I am not expecting to get or that come from unfamiliar sources” would take care of this one for me?

          And an actual Buckeye is behind this?  Sad!

          Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

          MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
          Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
          macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

      • #129292

        I’ve just stumbled across a TechRepublic article on how to use OverSight 🙂
        Hope it helps

    • #158618

      DOJ Charges Suspect Behind Fruitfly Mac Malware
      By Catalin Cimpanu | January 10, 2018

       
      Just hours ago, the US Department of Justice (DOJ) has filed official charges against an Ohio man for allegedly developing and infecting thousands of Americans with the Fruitfly Mac malware.

      According to a copy of the indictment, the suspect’s name is Phillip R. Durachinsky, 28, of North Royalton, Ohio.

      Authorities believe Durachinsky developed Fruitfly, a Mac spyware strain that has been active since 2003 and has infected thousands of computers.

       
      Read the full article here

      2 users thanked author for this post.
    • #329497

      For malware protection I’ve been using a combination of Webroot plus Malwarebytes Premium. Malwarebytes Premium is mainly for the Mac malware, and Webroot is to ensure PC viruses or malware doesn’t get spread on to other PC users (since even my work’s email protection hasn’t always caught viruses in the past).

      I’ve looked into Objective See as well, but not sure on specific tools I should download.

      I also use Little Snitch for outbound firewall. Works really well.

      Nathan Parker

      1 user thanked author for this post.