'Fruitfly' Malware Points To Growing Hacker Interest In Targeting Macs


Printer-friendly version Email this CRN article

A newly discovered variant of malware for Macs is drawing attention to the growing issue of cyber threats against Apple's computers, which have been long seen as largely immune to the sorts of problems that plague Windows PCs.

The recently uncovered malware – a variant of the "Fruitfly" malware that was discovered in January – is troubling more because of its potential for spying on Mac users than its actual impact. Just a few hundred Macs have reportedly become infected, but researchers say the malware could be used for such surveillance activities as taking webcam photos and capturing keystrokes.

[Related: Apple Responds Quickly To New Type Of iPhone Hack, But Security Cred May Still Take A Hit]

Notably, the Fruitfly malware appears to use some outdated code, from a time before Apple's introduction of OS X. The malware is "very strange, because it seems to have been around but not doing much," said Michael Oh, CTO of TSP LLC, a Cambridge, Mass.-based Apple partner. "It's clearly a proof of concept that somebody had put out in the wild, perhaps in a limited form or perhaps to see how wide it would spread."

The discovery of the new Fruitfly variant adds to what has already been an unusually active year for Mac-related security threats. Cybersecurity vendor Malwarebytes, which initially uncovered Fruitfly in January, said in a recent report that Mac users saw more malware during the second quarter of the year than they had seen in all of 2016.

"More new malware families have appeared so far this year than in any other previous year in all the history of Mac OS X, and the year’s only half over," Malwarebytes said in the report.

In May, a hacked server began serving a malware-infected version of DVD ripping application Handbrake, and downloads of the infected program took place for several days before the hack was discovered.

Apple told TechCrunch in April that there are about 100 million Mac users worldwide. Many Mac users – such as software developers and business executives – could be considered high-value targets by hackers, Oh said.

"I think the interest that hackers may have is to look at smaller but more valuable targets," he said. "Particularly as hacking becomes much broader of an industry in itself, you'll see more exposure to Mac users."

Oh said his firm is already "in the same kind of security stance as a Windows-based MSP" for protecting Mac-using clients. He has seen an increase in "potentially unwanted applications" (PUAs) on user's Macs, which rely on adware—clicking on an ad that downloads a piece of software.

"We've definitely seen an uptick in PUA installations, and that seems like an indication of what's to come" in terms of increased Mac threats, Oh said. "I think it's only a matter of time really."

Printer-friendly version Email this CRN article