Fruitfly Mac malware creator used it to spy on minors; FBI discloses technique

Mac fans have been overconfident in their devices' security for way too long, thinking no malicious software targets Apple products. They were proven wrong when Fruitfly Mac spyware was revealed in 2017.

The FBI has finally shed some light on the famous Fruitfly Mac malware. It seems that 15 years ago a now 28-year-old from Ohio, who was only 14 at the time, created the Fruitfly Mac spyware to spy on children and kept using it undetected until his arrest in 2017. Phillip Durachinsky was indicted on 16 charges one year after his arrest, in 2018.

According to documents, the FBI first detected the malware strain in 2017 following a security incident at Case Western Reserve University. Their investigation led to the suspect and his arrest. When Durachinsky was arrested, investigators found countless images of his victims, including minors.

Through port scanning, the man targeted Macs with weak or no passwords and used the malware to take control of the devices and spy on his victims through the webcam and microphone. Once inside the network, he also stole keystrokes and images. According to the FBI, he was more into watching people than making money off his scheme. Durachinsky kept using the malware until his arrest.

“The attack vector included the scanning and identification of externally facing services, to include the Apple Filing Protocol (AFP, port 548), RDP or other VNC, SSH (port 22), and Back to My Mac (BTMM), which would be targeted with weak passwords or passwords derived from third party data breaches,” said the FBI.
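
As an added example (not from the FBI or the original article), a defender can check a Mac for listeners on the services named in the statement above. The script parses `netstat -an -p tcp` output in the macOS format; the sample output is constructed, ports 5900 (VNC) and 3389 (RDP) are the standard defaults rather than values from the article, and Back to My Mac is not covered.

```python
# Added example: flag non-loopback TCP listeners for the remote-access
# services named in the FBI statement. Input: macOS `netstat -an -p tcp`.

WATCHED = {
    548: "AFP (Apple Filing Protocol)",  # port given in the FBI statement
    22: "SSH",                           # port given in the FBI statement
    5900: "VNC / Screen Sharing",        # assumption: standard VNC port
    3389: "RDP",                         # assumption: standard RDP port
}

# Constructed sample output (not captured from a real host).
SAMPLE_NETSTAT = """\
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp4       0      0  *.548                  *.*                    LISTEN
tcp4       0      0  127.0.0.1.631          *.*                    LISTEN
tcp6       0      0  *.22                   *.*                    LISTEN
tcp4       0      0  127.0.0.1.5900         *.*                    LISTEN
tcp4       0      0  192.168.1.20.5900      *.*                    LISTEN
tcp4       0      0  192.168.1.20.52344     203.0.113.9.443        ESTABLISHED
"""

def is_loopback(host):
    """True when the listener is only reachable from the machine itself."""
    return host.startswith("127.") or host == "::1"

def exposed_listeners(netstat_text):
    """Return (proto, bind_address, port, service) for each watched service
    listening on a wildcard or non-loopback address."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 6 or not fields[0].startswith("tcp") or fields[5] != "LISTEN":
            continue
        # macOS netstat joins address and port with a dot: "192.168.1.20.5900"
        host, _, port = fields[3].rpartition(".")
        if port.isdigit() and int(port) in WATCHED and not is_loopback(host):
            findings.append((fields[0], host, int(port), WATCHED[int(port)]))
    return findings

if __name__ == "__main__":
    for proto, host, port, service in exposed_listeners(SAMPLE_NETSTAT):
        print(f"{service} listening on {host}:{port} ({proto}): "
              "disable it in Sharing settings or restrict it at the firewall")
```

On a real Mac, pass the text of `netstat -an -p tcp` to `exposed_listeners()` instead of the sample; any service it reports should be switched off if unused, and otherwise protected with a strong, unique password.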
