Your Mac is Martial arts Archivesnot safe. Well, at least not as safe as you think it is.
That's the big takeaway following the detailed investigation of a particularly insidious strain of Apple-focused malware that has potentially been around for up to a decade — all the while broadcasting video and audio from victims' computers back to an unknown attacker.
SEE ALSO: Remotely hacking ships shouldn't be this easy, and yet ...The malware, dubbed Fruitfly, was first reported on in January by Malwarebytes. However, it was Synack Chief Security Researcher Patrick Wardle who blew the lid off Fruitfly's true nature on July 21.
"[A] hacker built this to spy on users for probably perverse reasons."
In a conversation with Mashable, Wardle explained that he was sent the malicious software by a friend earlier this year, and that he found it interesting enough to investigate. That investigation led to some unexpected places.
Wardle discovered that the malware directed infected computers to contact a command and control server for instructions — known as "tasking" — but that the primary server was offline. As such, he realized the computers would look for specific backup domains for their directions. It just so happened that "one or two" of those domains were available for registration.
So he registered one, and created a server that could talk to the malware. What he found, well, is pretty damn creepy.
First, Fruitfly gave him both the infected computers' IP addresses — which can be used to determine their locations — and the computers' names. With most Macs, the computer name is just the owner's name.
So, for starters, Wardle was sitting on the names and locations of many of the victims. But that's not all. The malware gave him the power to remotely switch on webcams and microphones, take control of mice, change files, and would even notify him if the computer was in use by its owner.
This Tweet is currently unavailable. It might be loading or has been removed.
"Usually you see that in government or nation-state software," Wardle, who used to work for the NSA, observed.
But the victims weren't nation-state actors — they were regular people. Strangely, however, the system didn't seem designed for financial gain as is more typical of malware infecting the devices of everyday folks. Instead, it appeared to have a completely different objective.
"[A] hacker built this to spy on users for probably perverse reasons," explained Wardle, emphasizing that it was "designed to performance surveillance."
Approximately 90 percent of the infected computers are located in the U.S., with Wardle identifying around 400 compromised devices. He cautioned that those are just the infected systems he found, and that the total could be in the low thousands. Why so low? He speculated two reasons: To keep things manageable for the aforementioned creep, and to avoid detection.
Speaking of detection, how did this thing go undiscovered for so long? Well, according to Wardle, a lot of that has to do with Macs.
"Mac security software is not that good," he notedbefore elaborating that while Macs are good at detecting known threats, they are not that good at identifying new threats. Which, well, is a not-so-gentle reminder that even Mac users should get webcam covers. What's more, Wardle added that Macs are actually easier to hack than recent versions of Windows — a statement which is sure to not win him any love in the Apple community.
Wardle contacted law enforcement with his findings, and he says the entire Fruitfly malware net appears to be shut down at this time. And while that is good news for the 400 victims he identified, the findings suggest that a host of Mac-focused malware may already be out there under all of our noses. All someone needs to do is look for it.
Topics Apple Cybersecurity
Best portable power station deal: Save $179.01 on the EcoFlow River 2 Max
NYT mini crossword answers for March 28, 2025
NYT Connections Sports Edition hints and answers for March 31: Tips to solve Connections #189
Amazon Spring Sale 2025: Best Kindle Scribe deal
Exceptionally rare radio sources detected in the distant universe
NYT mini crossword answers for March 28, 2025
Shop the Shark FlexStyle for 20% off during Amazon's Big Spring Sale
NYT mini crossword answers for March 31, 2025
The internet is talking like Kevin from 'The Office' now
Amazon Big Spring Sale 2025: Best deals under $50
Sony launches new flagship XM6 headphones: Order them now
'Coyote vs. Acme' will finally get a theatrical release
NYT mini crossword answers for March 28, 2025
The unicorns in 'Death of a Unicorn' are total 'movie magic'
Best portable power station deal: Save $179.01 on the EcoFlow River 2 Max
When does Amazon's Big Spring Sale end?
NYT Connections hints and answers for April 1: Tips to solve 'Connections' #660.
Amazon Spring Sale 2025: The Eufy robot vacuum stick vacuum combo is on sale for the first time
Best Kindle Unlimited deal: Get 3 months of Kindle Unlimited for 99 cents
Amazon Spring Sale 2025: $350 off Eufy X10 Pro Omni robot vacuum
'Free speech' social platform Gab goes offline after fatal Pittsburgh shootingThis losing lottery ticket is the most painful thing everThese Halloween decorations are playing out a new scenario every day and it's really something'Gold diggin' dog scams McDonald's customers pretending to be a stray, owner saysTwitter admits it screwed up in not taking action against bombing suspect's tweetsThis stray cat who crashed a fashion show is my favorite supermodelMost streamed TV shows this week (June 25) are thrillersCreepy anglerfish jackApple Watch's ECG feature release will reportedly be limited to U.S.Watch this joyous pup jump into a gigantic leaf pileLet's start calling the Russian 'troll' attack what it really is'Wordle' today: Get the answer, hints for July 1Donald Trump's ditched umbrella goes viral, sums up his presidencySpotify iceberg: How to get the latest viral music chart IcebergifyTwitter shames Trump for doing the absolute least in the wake of explosive devicesThis fan's attempt to film a video with Rami Malek didn't go quite as plannedApple Store is down in the U.S.Yes, there are 100 million rogue black holes wandering our galaxyMobile World Congress will stay in Barcelona until 2030FBI: Scammers are interviewing for remote jobs using deepfake tech Remote controlled fighting robot is here to battle it out Thick sheets of ice lurk just below the surface of Mars MashReads Podcast: 'Fire and Fury' may be the pettiest book of 2018 E! president responds to Catt Sadler pay gap controversy — and oh boy Facebook announces a big News Feed change — and just wants you to be happy Razer partners with Netflix to stream 'Stranger Things,' more in HDR MashReads Podcast: New Year reading and 2018 book goals The Muse brings Alexa to your car dashboard for $69 Snapchat redesign updates in Canada, Australia, U.K., users are angry Sony shows off new Aibo robot dog to public for the first time CES proves that wireless earbuds are the way of the future The 'Overwatch' League launched with no female players, but plenty of excuses Tom Hardy's first 'Venom' photo is of a wholesome Eddie Brock Spyware creator arrested for allegedly creeping on thousands for 13 years Daughter relieves parents' stress by starting the sweetest dance party Canada got so cold, this man could ice skate down his own street Comic super villain Peter Thiel reportedly submitted a bid for Gawker Hulu hit 17 million subscribers in a year of big wins Time's Up: How to support women in Hollywood during this time of reckoning Study finds number of women behind the camera unchanged in 20 years
1.8359s , 10132.40625 kb
Copyright © 2025 Powered by 【Martial arts Archives】,Wisdom Convergence Information Network