MIAMI (CBSMiami) – Law enforcement agents are looking into malicious code that’s been hitting Mac users in the U.S.
“FruitFly,” as the malware has been dubbed, is nearly undetectable.
The hack is thought to be for surveillance as hackers were able to jump into the webcams of the affected computers and take screenshots, though the FruitFly malware has the ability to take over the entire computer.
“This didn’t look like cybercrime type behaviour, there were no ads, no keyloggers, or ransomware,” said Patrick Wardle, cybersecurity researcher, via Forbes. “Its features had looked like they were actions that would support interactivity: it had the ability to alert the attacker when users were active on the computer, it could simulate mouse clicks and keyboard events.”
This isn’t the first time that FruitFly is making a hacking appearance. Earlier this year, it was used to target biomedical research centers.
“The only reason I can think of that this malware hasn’t been spotted before now is that it is being used in very tightly targeted attacks, limiting its exposure,” wrote Thomas Reed, MalwareBytes researcher. “Although there is no evidence at this point linking this malware to a specific group, the fact that it’s been seen specifically at biomedical research institutions certainly seems like it could be the result of exactly that kind of espionage.”
It’s still unclear where it came from and who is orchestrating it.
Mac malware is very rare.
More details are expected at a hacker conference later this week.