A type of malware that has infected hundreds of Macs remained undetected for years. It is the
FruitFly malware which uses the Mac’s camera to spy on users and log what is happening on screen.
The malware, called FruitFly, allows hackers to jump into webcams of affected computers and take screenshots. The malware also has the capability to take over the entire computer.
According to security firm Synack, there are around 400 computers known to be infected with FruitFly and likely to be many more.
Patrick Wardle, an ex-NSA analyst, uncovered FruitFly after registering one of the domains the hackers had planned to use as back up. After doing so, Wardle could see victim IP addresses and 90 percent of them were located in the U.S., according to Forbes.
“This didn’t look like cybercrime type behaviour, there were no ads, no keyloggers, or ransomware,” he said. “Its features had looked like they were actions that would support interactivity: it had the ability to alert the attacker when users were active on the computer, it could simulate mouse clicks and keyboard events.”
MalwareBytes first detected FruitFly in January when it was apparently targeting biomedical research centers.