Fruitfly Mac Malware Creator Charged

Discussion in '[H]ard|OCP Front Page News' started by Kyle_Bennett, Jan 11, 2018.

  1. Kyle_Bennett

    Kyle_Bennett El Chingón Staff Member

    Messages:
    50,633
    Joined:
    May 18, 1997
    Creepers gonna creep and Phillip Durachinsk, and Ohio man, was doing just that and getting away with it for 13 years using his own Fruitfly malware. Fruitfly is a Mac targeted Malware and was not ever discovered till January of 2017. It seems as though that Durachinsk was using Fruitfly to collect images using the Mac's camera as well as collecting audio. He could also collect keystrokes and looks to have had full access to the file system.

    A North Royalton man was charged in a 16-count indictment today for allegedly creating and installing malware on thousands of computers for more than 13 years in order to watch, listen to, and obtain personal data from unknowing victims, as well as produce child pornography.
     
  2. Rahh

    Rahh [H]ard|Gawd

    Messages:
    1,262
    Joined:
    Jan 14, 2005
    Good catch! Sad that it went on for so long and I'm willing to bet it has much to do with the mentality of "MACS don't get viruses" or lack thereof security from Apple in general.
     
    viscountalpha and mynamehere like this.
  3. BSmith

    BSmith Gawd

    Messages:
    684
    Joined:
    Nov 9, 2017
    Dayum! I am sure apathy played a large part in him being able to get away with it for so long.

    And people think I am a dinosaur for not having speakers, mic, and camera attached to my computer. I have always been kind to them and offered them the use of my tin foil hat.
     
    Vokar, PantherBlitz and Kyle_Bennett like this.
  4. lostin3d

    lostin3d Gawd

    Messages:
    854
    Joined:
    Oct 13, 2016
    This is also why MB has been one of my favorites for most of the last 10 years. They're not perfect, none are, but I do consider them to be one of the best.
     
  5. vegeta535

    vegeta535 [H]ard|Gawd

    Messages:
    1,662
    Joined:
    Jul 19, 2013
    Mic and camera sure but seriously speakers? You lose a lot from not having them.
     
    WhoMe, Wrecked Em, Rahh and 2 others like this.
  6. BSmith

    BSmith Gawd

    Messages:
    684
    Joined:
    Nov 9, 2017
    I use a headset with no mic. I do a lot of audio work and my Wife has the Facebook app on her phone. She has already seen and heard things she swears she never posted on Facebook. I cannot afford to have some of my work leaving my office as it is under NDA.
     
  7. Revdarian

    Revdarian 2[H]4U

    Messages:
    2,282
    Joined:
    Aug 16, 2010
    To make this extra creepy, the malware would take pictures once anyone entered sexually themed searches on the browser.
    The malware was made to watch hipsters masturbate pretty much o_O.
     
    Kyle_Bennett likes this.
  8. Rahh

    Rahh [H]ard|Gawd

    Messages:
    1,262
    Joined:
    Jan 14, 2005
    He only targeted hipsters or only hipsters watch porn on the internet?
     
  9. Revdarian

    Revdarian 2[H]4U

    Messages:
    2,282
    Joined:
    Aug 16, 2010
    It went over your head, but Macs.
     
  10. PantherBlitz

    PantherBlitz Limp Gawd

    Messages:
    222
    Joined:
    Apr 14, 2011
    He has skillz for sure. Dude was 15 when he started. How did he manage to spread this?
     
  11. Kyle_Bennett

    Kyle_Bennett El Chingón Staff Member

    Messages:
    50,633
    Joined:
    May 18, 1997
    That was my question too. I looked and could not find any information anywhere or how he deployed this or if he specified his targets.
     
  12. BSmith

    BSmith Gawd

    Messages:
    684
    Joined:
    Nov 9, 2017
    He must have known the secret Apple handshake.

    Or he could have hung around on forums baiting Apple people out of the closet, Ya know, sayin stuff like, "Apple be the floaty turd in the punch bowl of technology. No matter how many times you flush, it just stays there spinning around makin ya all ditzy and wanting to buy more."
     
  13. modi123

    modi123 [H]ardness Supreme

    Messages:
    4,277
    Joined:
    Sep 6, 2006
    I believe the going understanding was either through spam/spear phising emails and/or malicious links.
     
  14. aokman

    aokman Limp Gawd

    Messages:
    485
    Joined:
    Jan 3, 2012
    I find it very hard to believe he was able to achieve this without root access.
     
  15. WhoMe

    WhoMe Gawd

    Messages:
    643
    Joined:
    Jan 3, 2018
  16. aokman

    aokman Limp Gawd

    Messages:
    485
    Joined:
    Jan 3, 2012
    Any system is safe if you arent a fkn moron. This “app” would have failed identified defelopers check immediately, which requires the user to override... then they have to enter root credentials to the system.
     
  17. MrDeaf

    MrDeaf Limp Gawd

    Messages:
    240
    Joined:
    Jun 9, 2017
    Computer illiterate don't understand that.
    Malware typically imitates the window for official installers and updates for OS and other software and they can easily fool anyone with even somewhat outdated knowledge on what to look for.

    Half the time I have to question the official installers, because they look so... low budget and from yesteryear.
     
  18. WhoMe

    WhoMe Gawd

    Messages:
    643
    Joined:
    Jan 3, 2018
    That's an exaggeration. Remember Apple encourages this kind of turn-key mentality and appeals to the non-techie. My MD is far from a moron and I'd rather she keep up on the latest in medicine rather have spend time worrying about the latest computer attack vector.

    If Apple is still doing the "it just works" thing than it should protect against all such attacks and keep on the cutting edge of attack vectors. That same fruitfly thing also attacks Linux, but from what I've seen Linux does not appeal to the "just wants it to work" crowd that Apple does, so much less a problem.

    And it's not just Apple, all this IOT junk including smart TV's should have protections built in (and be updated for life). Same for a lot of the Smart Phone stuff too.