Earlier this year, researchers from security firm Malwarebytes discovered a piece of Mac malware called Fruitfly that reportedly spied on computers in medical research centers for years before being detected. Apple has since updated macOS to automatically detect the malware, safeguarding users.

macbook air
However, a new variant of the Fruitfly malware has recently been discovered by Patrick Wardle, a researcher with security firm Synack. Wardle said the malware has been targeting Macs for at least five years, with the number of infected Macs totaling nearly 400 and possibly much higher, reports Ars Technica.

The malware can supposedly capture screenshots, keystrokes, webcam images, and other info about each infected Mac. The Fruitfly variant also collects information about devices connected to the same network, according to the report.

Wardle said the method of infection remains unknown, but he suspects it involves tricking users into clicking on malicious links, as opposed to exploiting vulnerabilities in apps or in macOS. He added that the primary command-and-control server used by the malware's creators has since been shut down.

Many of the affected Macs have never been disinfected, however, allowing Wardle to create his own custom command-and-control server for the malware and witness the close to 400 infected machines connect to it.

After analyzing the new variant, Wardle was able to decrypt several backup domains that were hardcoded into the malware. To his surprise, the domains remained available. Within two days of registering one of the addresses, close to 400 infected Macs connected to the server, mostly from homes located in the United States. Although Wardle did nothing more than observe the IP address and user names of Macs that connected to his server, he had the ability to use the malware to spy on the users who were unwittingly infected.

Wardle will provide a briefing about his custom command-and-control server tactics on Wednesday at the Black Hat security conference in Las Vegas.

Since the method of infection is unknown, there aren't many specific steps users can take to ensure they're protected. But, given all domains known to be associated with the malware are no longer available, and the limited number of Macs infected beforehand, most users shouldn't be too worried about this malware.

One option Mac users have is to install OverSight, a free software tool that monitors a Mac's microphone and webcam, alerting the user when the internal microphone is activated, or whenever a process accesses the webcam.

Wardle has reported all of his findings to law enforcement officials, and the threat is likely neutralized, according to the report.

Tag: Malware

Top Rated Comments

Altis Avatar
96 months ago
Keep operating systems up to date. Exploitation of un-patched vulnerabilties by non-governments is exceedingly rare.

If you don't do security updates as they become available you almost deserve what you get.
That's why security updates should be separate from feature updates.

A lot of people deliberately don't update because of adverse changes to the user experience, leaving security vulnerabilities.
Score: 7 Votes (Like | Disagree)
throAU Avatar
96 months ago
That's why security updates should be separate from feature updates.

A lot of people deliberately don't update because of adverse changes to the user experience, leaving security vulnerabilities.
I get it, but it comes down to this:

Adapt or switch platforms if the user experience changes bother you that much.

No developer is going to support a massive number of platforms with security updates concurrently. They just can't afford to patch old platforms forever. Because every platform means a seperate codebase to maintain and backport/re-develop updates for, beta test, etc.

Apple right now supports 3 (? more?) OS revisions typically (i.e., they do split feature updates and security updates to that degree already), if you haven't dealt with the "user experience" changes after 2-3 new OS revisions, you should be jumping ship to another platform. Just not patching and becoming insecure isn't really a sensible choice.

I'm guessing the big cries from some still go back to the changes made in Lion. It is well beyond time to get over it.

But you'll get the same thing wherever you jump. MS won't support old operating systems forever, and neither will any Linux distribution. No one will.

Adapt, or deal with being insecure.
Score: 3 Votes (Like | Disagree)
throAU Avatar
96 months ago
Keep operating systems up to date. Exploitation of un-patched vulnerabilties by non-governments is exceedingly rare.

If you don't do security updates as they become available you almost deserve what you get.
Score: 3 Votes (Like | Disagree)
OldSchoolMacGuy Avatar
96 months ago
People aren't aware of this? Been around for years.
Score: 2 Votes (Like | Disagree)
convergent Avatar
96 months ago
I wonder how many windows pcs are infected right now?
I would place my guess at zero Windows PCs infected with malware targeting Mac webcams, but I could be wrong. :rolleyes:
Score: 1 Votes (Like | Disagree)
charlituna Avatar
96 months ago
That's why security updates should be separate from feature updates.

A lot of people deliberately don't update because of adverse changes to the user experience, leaving security vulnerabilities.
with Mac OS they often are
Score: 1 Votes (Like | Disagree)

Popular Stories

Apple AI Command Center Concept Mock 3

Apple Expected to Launch This All-New Device Next Year

Wednesday November 27, 2024 1:05 pm PST by
Apple is expected to kick off 2025 by launching an all-new smart home hub, also referred to as a "command center," as early as March. The hub is expected to feature around a six-inch display that can be attached to a tabletop base with a speaker, or mounted on a wall. The device is said to run a new "homeOS" operating system with a customizable widget-focused home screen, and it is expected...
Whatsapp Feature

WhatsApp to Drop Support for These iPhones Starting May 2025

Monday December 2, 2024 2:57 am PST by
WhatsApp is set to end support for iOS versions older than iOS 15.1 from May next year, removing the chat platform's compatibility with several iPhone models in the process. From May 5, 2025, WhatsApp will no longer be compatible with iPhone 5s, iPhone 6, and iPhone 6 Plus models. Users with those devices won't be able to access the encrypted chat service after the specified date unless they ...
New Things Your iPhone Can Do in iOS 18

18 New Things Your iPhone Can Do in iOS 18.2

Wednesday November 27, 2024 5:05 am PST by
Apple is set to release iOS 18.2 in early December, bringing the second round of Apple Intelligence features to iPhone 15 Pro and iPhone 16 models. This update brings several major advancements to Apple's AI integration, including completely new image generation tools and a range of Visual Intelligence-based enhancements. There are a handful of new non-AI related feature controls incoming as...
iphone 16 pro models 1

12 Reasons to Wait for Next Year's iPhone 17

Friday November 29, 2024 5:17 am PST by
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models simultaneously, which is why we sometimes get rumored feature leaks so far ahead of launch. The iPhone 17 series is no different – already we have some idea of what to expect from Apple's 2025 smartphone lineup. If you plan to skip...
airpods pro 2 gradient

AirPods Pro 3 Expected Next Year: Here's What We Know

Thursday November 28, 2024 3:30 am PST by
Despite being released over two years ago, Apple's AirPods Pro 2 continue to dominate the wireless earbud market. However, with the AirPods Pro 3 expected to launch sometime in 2025, anyone thinking of buying Apple's premium earbuds may be wondering if the next generation is worth holding out for. Apart from their audio and noise-canceling performance, which are generally regarded as...
Flip iPhone Thumb 1

Apple's 2026 Foldable iPhone Could Reinvigorate Stalling Market

Monday December 2, 2024 4:04 pm PST by
The foldable smartphone market has stalled with customer interest in foldables waning, but that could change when Apple debuts a foldable iPhone, according to display analyst Ross Young. In a report on the current foldable smartphone market, Young says that Apple is expected to "enter the foldable market" in the second half of 2026. Apple's "dominant position in flagship smartphones" could...
iPhone 17 Pro Dual Tone Rectangle Feature 1

iPhone 17 Pro Already Rumored to Have These 8 New Features

Wednesday November 27, 2024 12:19 pm PST by
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch for 10 more months, there are already plenty of rumors about the devices. An imaginative iPhone 17 Pro concept based on rumors Below, we recap key changes rumored for the iPhone 17 Pro models so far: Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro ...