You must take a proactive approach to cybersecurity to keep your data secure. Whenever a new hacking technique or virus appears, you must pay attention. This is the case with a new variation of the Fruitfly malware.
What makes Fruitfly so notable has nothing to do with the number of infected computers. Instead, it’s because Fruitfly targets the macOS operating system, and has been doing so for years without anyone realizing it.
Fruitfly Malware: Breaking It Down
To understand the situation with Fruitfly, it’s important to understand two distinct concepts: The original version and the variant that affected Mac computers in July of 2017.
Malwarebytes discovered the original version of Fruitfly. It spied on computers in medical research centers for years before being discovered. Once it was identified, Apple took steps to close the holes, and update its operating system to detect and eliminate it.
The recently discovered Fruitfly variant is a different matter altogether. This new version of Fruitfly has been around for at least five years. While the total number of infected Macs is estimated to be only around 400, it could be much higher than people realize.
What makes this new version of Fruitfly so terrifying is that it can not only capture screenshots and keystrokes from affected Macs, but it can also take over the webcam and capture live images without a person knowing that anything is happening. Even though the green indicator light on all Mac hardware is wired directly into the motherboard (meaning that if the camera turns on the light is supposed to turn on), Fruitfly has found a way around this.
Fruitfly is also capable of analyzing other devices that are connected to the same WiFi network—Something that should be troubling to business owners and enterprise users.
The exact method that Fruitfly uses to infect machines is still unknown, but it involves tricking users into clicking on malicious links in fraudulent emails. While it’s true that the primary “command and control” server used by Fruitfly’s creator was shut down, there are potentially hundreds (if not thousands) of infected computers in use that still have the malware strain hidden inside.
Due to the nebulous nature of Fruitfly, there aren’t specific steps that you can take to protect yourself, or remove an infection that’s already occurred. Security experts recommend that Mac users install a program like OverSight, a tool specifically designed to monitor the use of a computer’s microphone and webcam.
Mac Malware: What You Need to Know
The fact that “Macs don’t get computer viruses” is a myth that’s existed since the 1990s. In 2006, security researchers discovered the first piece of malware specific to the OS X operating system. Fast-forward to 2015, and more than 1,400 unique malware samples were discovered.
Part of this stems from the fact that there were so many more Windows computers in use, and that Windows was a less secure operating system. This combination resulted in a virus and malware explosion during the 1990s, along with the fact that personal computers became a more ubiquitous part of our daily lives.
With Apple’s resurgence over the last 15 years, the pendulum has swung the other way. There are still more Windows viruses than there are Mac viruses. However, malware attacks on Macs were up an incredible 744% in 2016 alone. During the fourth quarter of that year, malware samples targeting the macOS operating system increased by 245%!
All of this underscores the importance of employee training in terms of cybersecurity. If your employees assume that because they’re using Apple computers, they don’t have to take steps to protect themselves, they’re a security vulnerability for your business. Mac users now get targeted by phishing scams and other types of sophisticated attacks. As a business leader, you must take steps to ensure all your employees are regularly trained on how to remain safe in the digital world.
The Fruitfly malware may be one of the most-recent strains to target Apple computers, however, it certainly won’t be the last. If you’re in San Francisco and would like to learn more about this or other cybersecurity topics, contact Where To Start by sending an email to firstname.lastname@example.org or by call us at (844) RASM . - 448