Clik here to view.
Apple has released a security update for macOS to swat an old, previously undiscovered malware dubbed Fruitfly, parts of which can run on Linux. It is the first Mac malware discovery of 2017.
The malware could have existed since the late 90s as it uses code that pre-dates the OS X. It was discovered by MalwareBytes director of Mac offerings, Thomas Reed. "The only reason I can think of that this malware hasn’t been spotted before now is that it is being used in very tightly targeted attacks, [biomedical research centres] limiting its exposure," he wrote.
MalwareBytes calls it ‘OSX.Backdoor.Quimitchin’, and it has code for using the webcam and taking screen shots (Mac screen capture, Linux xwd) and other Mac/Linux commands for rudimentary remote control and network mapping functionality.
Reed states that ironically, despite the age and sophistication of this malware, it uses the same old unsophisticated technique for persistence that so many other pieces of Mac malware do: a hidden file and a launch agent. This makes it easy to spot, given any reason to look at the infected machine closely (such as unusual network traffic). It also makes it easy to detect and easy to remove.
{loadposition ray}
As yet the attack vector (delivery mechanism e.g. remote or via physical access) is unknown and it appears limited to a specific target (biomedical research centres).
