Fruitfly Mac Malware Creator Charged

FrgMstr

Just Plain Mean
Staff member
Joined
May 18, 1997
Messages
54,254
Creepers gonna creep and Phillip Durachinsky, an Ohio man, was doing just that and getting away with it for 13 years using his own Fruitfly malware. Fruitfly is Mac-targeted malware and was not discovered till January of 2017. It seems as though Durachinsky was using Fruitfly to collect images using the Mac's camera as well as collecting audio. He could also collect keystrokes and looks to have had full access to the file system.

A North Royalton man was charged in a 16-count indictment today for allegedly creating and installing malware on thousands of computers for more than 13 years in order to watch, listen to, and obtain personal data from unknowing victims, as well as produce child pornography.
 

Rahh

[H]ard|Gawd
Joined
Jan 14, 2005
Messages
1,607
Good catch! Sad that it went on for so long and I'm willing to bet it has much to do with the mentality of "MACS don't get viruses" or lack thereof security from Apple in general.
 

BSmith

[H]ard|Gawd
Joined
Nov 9, 2017
Messages
1,323
Dayum! I am sure apathy played a large part in him being able to get away with it for so long.

And people think I am a dinosaur for not having speakers, mic, and camera attached to my computer. I have always been kind to them and offered them the use of my tin foil hat.
 

lostin3d

[H]ard|Gawd
Joined
Oct 13, 2016
Messages
2,043
This is also why MB has been one of my favorites for most of the last 10 years. They're not perfect, none are, but I do consider them to be one of the best.
 

vegeta535

[H]F Junkie
Joined
Jul 19, 2013
Messages
10,406
> Dayum! I am sure apathy played a large part in him being able to get away with it for so long.
>
> And people think I am a dinosaur for not having speakers, mic, and camera attached to my computer. I have always been kind to them and offered them the use of my tin foil hat.

Mic and camera sure but seriously speakers? You lose a lot from not having them.
 

BSmith

[H]ard|Gawd
Joined
Nov 9, 2017
Messages
1,323
I use a headset with no mic. I do a lot of audio work and my Wife has the Facebook app on her phone. She has already seen and heard things she swears she never posted on Facebook. I cannot afford to have some of my work leaving my office as it is under NDA.
 

Revdarian

2[H]4U
Joined
Aug 16, 2010
Messages
2,616
To make this extra creepy, the malware would take pictures once anyone entered sexually themed searches on the browser.
The malware was made to watch hipsters masturbate pretty much o_O.
 

Rahh

[H]ard|Gawd
Joined
Jan 14, 2005
Messages
1,607
> To make this extra creepy, the malware would take pictures once anyone entered sexually themed searches on the browser.
> The malware was made to watch hipsters masturbate pretty much o_O.

He only targeted hipsters or only hipsters watch porn on the internet?
 

BSmith

[H]ard|Gawd
Joined
Nov 9, 2017
Messages
1,323
He must have known the secret Apple handshake.

Or he could have hung around on forums baiting Apple people out of the closet, Ya know, sayin stuff like, "Apple be the floaty turd in the punch bowl of technology. No matter how many times you flush, it just stays there spinning around makin ya all ditzy and wanting to buy more."
 

Deleted member 243478

Guest
I find it very hard to believe he was able to achieve this without root access.
 

Deleted member 243478

Guest
I haven't found how this was spread, but this is interesting: https://www.ce-technology.com/2017/12/13/fake-symantec-blog-post-is-spreading-mac-malware/
so maybe Mac users just haven't figured out they might be getting spoofed on their "safe" mac systems?

Any system is safe if you aren't a fkn moron. This “app” would have failed identified developers check immediately, which requires the user to override... then they have to enter root credentials to the system.
 

MrDeaf

Limp Gawd
Joined
Jun 9, 2017
Messages
428
> Any system is safe if you aren't a fkn moron. This “app” would have failed identified developers check immediately, which requires the user to override... then they have to enter root credentials to the system.

Computer illiterate don't understand that.
Malware typically imitates the window for official installers and updates for OS and other software and they can easily fool anyone with even somewhat outdated knowledge on what to look for.

Half the time I have to question the official installers, because they look so... low budget and from yesteryear.
 

WhoMe

Gawd
Joined
Jan 3, 2018
Messages
827
> Any system is safe if you aren't a fkn moron. This “app” would have failed identified developers check immediately, which requires the user to override... then they have to enter root credentials to the system.

That's an exaggeration. Remember Apple encourages this kind of turn-key mentality and appeals to the non-techie. My MD is far from a moron and I'd rather she keep up on the latest in medicine rather than spend time worrying about the latest computer attack vector.

If Apple is still doing the "it just works" thing then it should protect against all such attacks and keep on the cutting edge of attack vectors. That same Fruitfly thing also attacks Linux, but from what I've seen Linux does not appeal to the "just wants it to work" crowd that Apple does, so much less a problem.

And it's not just Apple, all this IoT junk including smart TVs should have protections built in (and be updated for life). Same for a lot of the Smart Phone stuff too.
 