Yikes! Mac malware discovered in the wild allows webcam photos, screenshots, key-logging

Premium1

Trusted Member
Aug 17, 2011
The malware is a variant on Fruitfly, discovered back in January and blocked by a macOS update shortly afterwards. Fruitfly used antiquated code that actually predates OS X, and was used in targeted attacks against biomedical research institutions.

Wardle told ArsTechnica that the variant was mostly found in Macs in homes in the USA.

After analyzing the new variant, Wardle was able to decrypt several backup domains that were hardcoded into the malware. To his surprise, the domains remained available. Within two days of registering one of the addresses, close to 400 infected Macs connected to the server, mostly from homes located in the United States. Although Wardle did nothing more than observe the IP address and user names of Macs that connected to his server, he had the ability to use the malware to spy on the users who were unwittingly infected.

Based on analysis of the IP addresses connecting to the server, the malware does not appear to be targeting companies, and also does not appear to be designed to make money.

“I don’t know if it’s just some bored person or someone with perverse goals,” Wardle said. “If some bored teenager is spying on me, that would still be very emotionally traumatic. If it’s turning on the webcam, that’s for perverse reasons.”

Wardle informed law enforcement officials, and the hardcoded domains have been shut down, neutralizing the threat for now. The researcher has passed details to Apple, and will be speaking more about the malware at the Black Hat Security Conference in Las Vegas, where we’ll also hear more details about the serious wifi vulnerability fixed in iOS 10.3.3.

It is likely that owners of infected machines were tricked into clicking on a link that installs the malware. As always, you should only ever install apps from the Mac App Store and trusted developers.
 

Just_Me_D

Ambassador Team Leader, Senior Moderator
Moderator
Jan 8, 2012
I have black electrical tape covering the front facing camera lens on my iPad Pro....:)
 

Just_Me_D

Ambassador Team Leader, Senior Moderator
Moderator
Jan 8, 2012
I have tape covering my webcam. I also have it covering my work computer and my students always ask why I have tape on my webcam lol

I hear ya. As for your students, they’re a part of a generation where they seem to share everything with everybody. It can be argued that privacy to them is not as important as it is to older people, but I could be wrong.
 

anon(50597)

Trusted Member
Dec 2, 2008
I don't worry about such things, I just try to be smart about the way I use my devices and what I download. What would be the purpose of anyone spying on me? It would just be a waste of time and resources.
 

doogald

Trusted Member
Oct 23, 2012

anon(50597)

Trusted Member
Dec 2, 2008
Do you ever type passwords into web sites, or enter credit card numbers into purchasing sites? I believe that this malware included a key logger (so, it could capture and upload your keystrokes.)

Here is a link to the original Ars Technica story by Dan Goodin, BTW: https://arstechnica.com/security/20...ndreds-of-macs-remained-undetected-for-years/

My point is, the best security is the user. Keep your software updated, be smart about how you use your device and you have little to worry about.