Apple’s Macs are a lot less susceptible to malware and virus attacks than their Windows-based counterparts, but they’re not malware-proof. Hackers may be more inclined to attack Microsoft’s operating system and look for code vulnerabilities, as more people use Windows devices than Macs. But Apple’s desktop operating system still gets its fair share of malware, and a new threat that affected only a few hundred machines was recently discovered and patched. This particular malware has a few scary features built in, though, including the ability to operate the webcam on a target’s computer and record everything the user types.
Called Fruitfly, the malware is capable of advanced surveillance on macOS devices. The code lets an attacker capture screenshots and webcam images, Ars Technica reports. It can also detect devices connected to the same network as the infected Mac, and connect to those devices as well.
Anti-malware provider Malwarebytes made the discovery earlier this month, but the malware may have been in the wild since October 14th.
“The first Mac malware of 2017 was brought to my attention by an IT admin, who spotted some strange outgoing network traffic from a particular Mac,” Malwarebytes’ director for Mac products Thomas Reed said in a blog post. “This led to the discovery of a piece of malware unlike anything I’ve seen before, which appears to have actually been in existence, undetected for some time, and which seems to be targeting biomedical research centers.”
Apparently, Fruitfly uses code functions predating the first release of OS X in 2001. But what’s interesting about the malware is that it’s not as widespread as one would assume, in spite of its advanced features. It appears that Fruitfly was being used in targeted attacks, which would indicate that hackers were looking to spy on specific people.
“There have been a number of stories over the past few years about Chinese and Russian hackers targeting and stealing US and European scientific research,” Reed explained. “Although there is no evidence at this point linking this malware to a specific group, the fact that it’s been seen specifically at biomedical research institutions certainly seems like it could be the result of exactly that kind of espionage.”
What’s even more puzzling is that the Mac malware can also run on Linux devices. In spite of its scary capabilities, Fruitfly isn’t a sophisticated piece of software, and it can be easily detected as an anomalous process running on Macs. Updating macOS to the latest version should fix the problem if your device is infected.