Macintosh users are rarely targeted by malicious software these days. For some people, that creates a false sense of security. Cybersecurity researchers have discovered that Fruitfly malware is starting to target macOS users all over the world. Apple has already issued a security fix for this vulnerability, and all users are advised to install the latest security update as quickly as possible.
Fruitfly Malware Has Apple Concerned
It is always good to see Apple focus on what really matters, which, in this case, is the security of its users. This new type of malware, dubbed Fruitfly, is targeting a peculiar set of macOS users. In fact, it turns out the malware is being spread to biomedical research sites. So far, this new threat has successfully infiltrated three of these research sites, although the total number could be much higher.
Malwarebytes researchers discovered this new threat and looked into how it works. As it turns out, this malware strain could date back to 2014. If that is the case, this malware has done a lot of damage over the past two years. Then again, it is also possible the developers of Fruitfly kept the malware dormant for quite some time, and only decided to activate it a few days ago.
For the time being, the biggest mystery is how this malware is making its way to macOS devices. It is not often security researchers see malicious software specifically targeting the Macintosh ecosystem. The most logical explanation seems to be that these devices were infected through an Adobe Flash Player exploit, although that has not been confirmed.
Additionally, researchers are baffled by how Fruitfly is designed. It appears to be a very rudimentary type of malware, which contains a total of two files. Moreover, the malicious software runs as a process in user space, without requiring specific privileges or administrator access. Most users would not even notice the malware on their device, as it does not appear to be anything out of the ordinary.
What is even more intriguing is that Fruitfly has its own Windows variant, which surfaced back in 2013. Although the name is very different, there are a lot of similarities between the macOS and Windows versions. Researchers also indicated the command-and-control structure for this malware had been spotted in the wild as early as 2011. It is unclear if this “retro coding” was done on purpose, or if these are hints at how old this malware threat really is.
Last but not least, the Malwarebytes researchers discovered Linux shell commands in the Macintosh code sample they obtained. However, there has been no Linux variant of Fruitfly to date, which has security researchers concerned. Two out of the three components found in the Macintosh malware client ran just fine on Linux. Even Macintosh users need to run anti-malware software now and then to ensure their machines are safe from harm.