We don’t want to scare you, but your Mac could be harboring FruitFly, a piece of malware that has been spying on users for years. Authorities and experts are scrambling to investigate this nasty case of infection, too. Malware attacks on Apple computers have become commonplace in recent years. In fact, Mac malware cases have reached new highs in 2017 (and we’re only halfway through the year).
The unprecedented rise means our chances of encountering a particularly menacing piece of malware may have pretty much doubled. One recently discovered strain has been so disturbing that security experts have alerted law enforcement agencies.
The FruitFly Malware
The cyber security firm, Malwarebytes, has recently discovered an unusual piece of malware that’s called FruitFly. Contrary to its unintimidating moniker, this piece of Mac malware can actually do some really nasty stuff behind the scenes.
A few of the frightening things FruitFly does include capturing images of what’s on the screen, spying on users through the computer’s camera, and logging keystrokes. Even more terrifying is the fact that it has been doing them undetected for a long time.
Malwarebytes investigated the first strain of the FruitFly malware earlier in 2017. A second version, FruitFly 2, came to their attention a few months later.
Upon closer inspection, though, the researchers realized the malware’s code had been modified to work on OS X Yosemite. For reference, this OS was publicly released in October 2014, meaning the malicious software may have been around even earlier than that year.
It’s a scary realization that had security experts scrambling to find out how it got on Mac computers and who could be behind this terrifying malware.
The Search for Clues
To say the FruitFly malware is mind-boggling is an understatement. Security experts have their hands full trying to figure out how it infected Macs and who could be the brain behind such a potent threat.
What they are certain of is that Mac users can no longer be too confident about their computer’s security these days. FruitFly serves as the perfect reminder that even Macs aren’t as formidable against malware as they used to be.
Number of Infected Users
Patrick Wardle, a chief security researcher who’s in on the FruitFly case, has discovered 400 computers that have been infected by the malware. That’s just the number of Macs infected by the newer FruitFly malware strain.
He got the figure after he successfully decrypted parts of FruitFly’s code (after months of analyzing the malware). Wardle then set up a server to intercept traffic from infected computers and that’s when he got connected to 400 IP addresses and computer names.
He concludes the investigation with the belief that the figure may just be a small portion of the actual number of compromised machines.
Reinforcements from Authorities
With all these disturbing details coming to the surface, security experts have alerted national law enforcement regarding the malware. The FBI, for its part, neither confirmed nor denied the existence of pertinent investigations.
Despite reinforcements, it remains unclear how the FruitFly malware got into Mac systems. Experts couldn’t even pinpoint whether it was designed to target random or specific individuals. Could this be the work of some online thief who’s after people’s bank accounts?
Security researchers don’t believe this malware attack has a financial motive. FruitFly may have the capacity to steal financial credentials, sure, but Wardle doesn’t think this is the work of a criminal who may be stealing people’s personal data to make money.
As a former NSA analyst, he ruled out the possibility of a government-sponsored hacker. He believes FruitFly’s design centers around cyber espionage.
“I believe its goals were a lot more insidious and sick: spying on people,” Wardle reveals.
Protecting Macs vs. FruitFly Malware Strain
With the FruitFly malware operating undetected on Macs for years, it’s clear that the OS’s defenses aren’t as reliable in the face of a major malware onslaught. Protect your computer better with these tips:
Steer clear of automatic user logins.
Macs automatically log in to your user account by default. Disable this feature, especially when you’re using public Wi-Fi. You don’t want to give free passes to hackers who may be using the same network.
Here’s how to disable the feature:
- Tap on the Apple button.
- Go to System Preferences > Users & Groups, then click on the Lock button found below. Enter your administrator password afterward.
- Click on the Login Options tab, click “Automatic Login”, then select “Off” from the pop-up window.
- Select “Name and Password” from the pop-up window after clicking “Display login window as”.
Forget about remote logins.
Remotely accessing your Mac may offer you a ton of convenience, but it could serve as a backdoor that hackers can exploit. Disable the feature before it’s too late.
Here are the steps:
- After clicking the “Apple” button, navigate to System Preferences > Sharing.
- From here, uncheck the “Remote Login” option.
Make use of standard user accounts.
For everyday activities, experts recommend you use a non-admin account on your Mac. Doing so keeps unauthorized (possibly malware-laden) apps from trying to install anything on your computer because such actions will only be permitted after one provides administrative credentials.
Have Gatekeeper stop digitally unsigned apps.
This is your Mac’s default layer of protection against malware and viruses. Set it to alert you every time you’re about to download a digitally unsigned app. In addition, pair it with a dependable third-party antivirus program for better security.
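The four tips above can also be checked from Terminal. The script below is an added example, not part of the original article: it reads automatic login, the login window style, Remote Login, admin group membership and Gatekeeper status with standard macOS tools and grades each one. The function names `grade` and `audit_mac` are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the article): audit the settings from the tips above.
# grade and audit_mac are names chosen for this example.

# grade CHECK RAW_OUTPUT -> prints ok, warn or unknown
grade() {
  case "$1" in
    autologin)    # autoLoginUser holds a user name only when automatic login is on
      if [ -z "$2" ]; then echo ok; else echo warn; fi ;;
    loginwindow)  # SHOWFULLNAME=1 means "Name and password"
      if [ "$2" = "1" ]; then echo ok; else echo warn; fi ;;
    remotelogin)  # systemsetup prints "Remote Login: On" or "Remote Login: Off"
      case "$2" in *": Off"*) echo ok ;; *": On"*) echo warn ;; *) echo unknown ;; esac ;;
    admin)        # space-separated group list; daily-use accounts should not be in admin
      case " $2 " in *" admin "*) echo warn ;; *) echo ok ;; esac ;;
    gatekeeper)   # spctl prints "assessments enabled" or "assessments disabled"
      case "$2" in
        *"assessments enabled"*) echo ok ;;
        *"assessments disabled"*) echo warn ;;
        *) echo unknown ;;
      esac ;;
    *) echo unknown ;;
  esac
}

# Collect the live values on a Mac and print one verdict per setting.
audit_mac() {
  pref=/Library/Preferences/com.apple.loginwindow
  report() { printf '%-12s %s\n' "$1" "$(grade "$1" "$2")"; }
  report autologin   "$(defaults read "$pref" autoLoginUser 2>/dev/null)"
  report loginwindow "$(defaults read "$pref" SHOWFULLNAME 2>/dev/null)"
  # systemsetup needs root; without it the verdict is "unknown"
  report remotelogin "$(systemsetup -getremotelogin 2>/dev/null)"
  report admin       "$(id -Gn)"
  report gatekeeper  "$(spctl --status 2>&1)"
}

# Only touch system tools when actually running on macOS.
if [ "$(uname -s)" = "Darwin" ]; then audit_mac; fi
```

Run it with `sudo sh` so the Remote Login check can read its setting; note that under `sudo` the admin check reports on root rather than your everyday account, so run it once without `sudo` as well.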
The fact is that Mac users can no longer be too complacent about their computer’s security nowadays. Although Windows still takes the cake in terms of the number of malware attacks it suffers, this doesn’t mean your Mac is any safer. Security advisors recommend that everyone with a Mac/MacBook should be extra careful with what they do on the Internet. It pays to know how to protect Apple ID from scammers, too.