Man installed Mac malware on thousands of machines: claim

The US Department of Justice has charged Ohio resident Philip Durachinsky with 16 crimes for allegedly writing malware, nicknamed "Fruitfly", that gave him unfettered access to the PCs of "thousands" of individuals and institutions between 2003 and January 2017.

Durachinsky has been charged in a 16-count indictment with Computer Fraud and Abuse Act violations, Wiretap Act violations, production of child pornography, and aggravated identity theft.

Aside from personal computers, Fruitfly was discovered on a computer run by a subsidiary of the U.S. Department of Energy, at one police department, and at schools and businesses.

Durachinsky's malware, which was later named "Fruitfly", gave him the ability to control computers and access stored data, allowing him to upload files, take and download screenshots, log a user's keystrokes, and turn on the camera and the microphone to record images and audio. According to the indictment, Durachinsky used the computers to record minors having sex over a five-year period.

The indictment alleges Durachinsky saved and created detailed notes on millions of stolen images, and that the malicious "Fruitfly" software alerted him if his victims were using pornography-related search words. He remains in custody.

Fruitfly, which we first heard about in January 2017, consists of just two files created to open a backdoor into the Macs it infects, letting it receive instructions from the hacker's computer.

Fruitfly proved to be such an odd malware specimen that Patrick Wardle, chief security researcher for the vulnerability testing firm Synack, undertook deep research into it. Within two days of registering one of them, nearly 400 infected Macs connected to his server, mostly from homes in the US.

Mr Anthony said numerous organisations that Mr Durachinsky is claimed to have compromised shared key information with the Federal Bureau of Investigation and other law enforcement agencies, helping them uncover who was behind the hack attacks.

Officials said the machines infected by Fruitfly went beyond personal computers.

Officials believe surveillance was the primary objective of "FruitFly", which was able to spy on people by using the webcam.

This didn't look like cybercrime-type behaviour: there were no ads, no keyloggers, or ransomware.

And he said there were signs it had been around for years, since the code included comments about updates for Mac OS X Yosemite, first released in 2014, indicating that it had been running well before that.

He also allegedly produced child pornography with the material obtained.