FruitFly: An Inside Story

Mac malware outbreaks in the last couple of years confirm that they are no longer a rarity. Threats aimed at Macs are on the rise, and with this we are living on the edge. A new strain of Mac malware, dubbed FruitFly, has hit the scene. After going undiscovered for at least five years, it was recently identified as an extremely aggressive and dangerous threat. It works as a remote access trojan (RAT) and can take full control of an infected Mac.

What is FruitFly?

FruitFly is a mysterious piece of malware that flew under the radar for quite a long time, allowing hackers to secretly control webcams, keyboards and other resources on infected Mac machines. FruitFly can also run on Linux, as it is written in cross-platform code, making it highly invasive.

How does FruitFly operate?

FruitFly works silently in the background to keep watch on the user's activity through the computer's camera, captures images of what is displayed on the screen, and logs keystrokes. It also collects information about the devices connected to the same network.

Once the Mac is infected, the RAT creates a backdoor that lets the attacker control the infected device via a command and control (C&C) server. Beyond this, FruitFly appears to be able to control mouse movements and interact with the infected machine.

Why was it undetected for so long?

FruitFly is an old-fashioned piece of malware that is partially written in the Perl programming language, which is no longer used. This left it undetectable by both Mac OS and the antivirus program installed on the machine. Additionally, it uses libjpeg code, which clearly shows that, to stay hidden, the malware relies on functions that were retired long ago. All of this helps the malware stay on the Mac after infecting it and remain undetected by exploiting shortcomings in Mac security software.

These shortcomings have been fixed: a security patch has already been released to deal with this type of infection. But it is still a dangerous threat.

“The most interesting feature is that the malware can send an alert when the user is active, so that the attacker can then avoid interfering with the computer to remain stealthy. I haven’t seen that before,” Wardle told ZDNet.

Who was infected by the malware?

Fortunately, only a handful of Mac machines, nearly 400 or more, were compromised before it was detected. But this doesn't mean there is nothing to worry about: small, custom-made FruitFly campaigns may continue to persist, so users need to be cautious.

How to stay protected?

Users need to follow some basic rules to stay protected. We usually all know about them but don't care to adopt them, thus putting our machines at risk.

Here is a list of rules you should never fail to follow:

  1. Always keep your Mac OS updated.
  2. Use updated anti-virus software.
  3. Take incremental backups of your data.
  4. Disable Bluetooth when not in use.
  5. Use encryption features like FileVault.
  6. Keep Flash Player and Java plugins off your system.

Together, these rules provide multi-layered protection for your digital device and keep it safe from hackers. You don't always need a security person to look after your system's security; you too can create a shield. It is rightly said that the best way to stay protected is to have layered security.
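The checklist above can be verified from the Terminal. The script below is an added example, not part of the original article: it checks rules 1 and 3 to 6 using the standard macOS tools `softwareupdate`, `tmutil`, `defaults` and `fdesetup`. The script name, the PASS/FAIL wording and the use of the Bluetooth `ControllerPowerState` preference are assumptions, and that preference may not reflect the radio state on newer macOS releases.

```bash
#!/usr/bin/env bash
# Added example (not from the article): audit a Mac against rules 1 and 3-6 above.
# Rule 2 (anti-virus) is vendor-specific and is not checked here.
# Each check takes command output as an argument so it can be tested off-Mac.
# Usage on the Mac being audited: bash audit.sh --run   (file name is hypothetical)

check_updates() {   # rule 1: input is the output of `softwareupdate -l`
  case "$1" in
    *"No new software available"*) echo "PASS updates: none pending" ;;
    *) echo "FAIL updates: pending or unknown" ;;
  esac
}

check_backup() {    # rule 3: input is the path printed by `tmutil latestbackup`
  if [ -n "$1" ]; then echo "PASS backup: $1"
  else echo "FAIL backup: no Time Machine backup found"; fi
}

check_bluetooth() { # rule 4: ControllerPowerState, 0 = radio off (assumed key)
  if [ "$1" = "0" ]; then echo "PASS bluetooth: off"
  else echo "WARN bluetooth: on or unknown"; fi
}

check_filevault() { # rule 5: input is the output of `fdesetup status`
  case "$1" in
    *"FileVault is On"*) echo "PASS filevault: on" ;;
    *) echo "FAIL filevault: off or unknown" ;;
  esac
}

check_plugins() {   # rule 6: look for the Flash and Java browser plug-in bundles
  local dir="$1" found="" p
  for p in "Flash Player.plugin" "JavaAppletPlugin.plugin"; do
    if [ -e "$dir/$p" ]; then found="$found [$p]"; fi
  done
  if [ -z "$found" ]; then echo "PASS plugins: none installed"
  else echo "FAIL plugins: remove$found"; fi
}

run_audit() {       # runs the real macOS commands and feeds them to the checks
  check_updates "$(softwareupdate -l 2>&1)"
  check_backup "$(tmutil latestbackup 2>/dev/null)"
  check_bluetooth "$(defaults read /Library/Preferences/com.apple.Bluetooth ControllerPowerState 2>/dev/null)"
  check_filevault "$(fdesetup status 2>/dev/null)"
  check_plugins "/Library/Internet Plug-Ins"
}

if [ "${1:-}" = "--run" ]; then run_audit; fi
```

A FAIL on the backup line can also mean the Terminal lacks permission to read the Time Machine volume, so confirm it in the Time Machine settings before acting on it.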

You don’t have to apply any rocket science to enable multi-layered security. It can be done while setting up the system or anytime down the road. It’s you who has to decide whether you want to secure your device or leave it open to hackers. Consider this a wake-up call and stop taking things lightly; this low-grade malware is a sure sign that your carelessness can cost you a lot. Get ready before it’s too late, and stop thinking you will take cautionary measures when you have the time. Once your system is infected, you won’t be left with many options. Now it’s up to you to decide what you want and when!
