Malwarebytes finds the ‘first Mac malware of 2017,’ Apple calls it ‘Fruitfly’

Discussion in 'Latest News and Rumors' started by Alex Dmitri, Feb 13, 2017.

    Apple’s MacOS, once known as OS X, is believed by many to be completely free of malware — so free, in fact, that you don’t need to run any kind of software to protect against it. That’s for those Windows users to worry about.

    MacOS is indeed less of a target than Windows 10, and whether that’s because it’s used on less than eight percent of all PCs or it’s inherently more secure has been a topic of some debate. Nevertheless, the fact is that you’re not completely worry-free running a Mac. And now, some researchers at security software company Malwarebytes have found the first piece of MacOS malware for 2017.

    Malwarebytes was informed of the new malware by a particularly perceptive IT administrator, who noticed that one of his Macs was engaging in some unusual network traffic. As Malwarebytes staff looked into things, they discovered a piece of malware written with “antiquated code” that had likely existed — primarily on biomedical research center computers — for some time.

    The code is simple but ingenious, made of only two files but capable of communicating with a remote command and control server and of taking screenshots and sending them along. Some of the code made calls to functions that haven’t existed since before OS X, marking the code as evidence that Macs have indeed suffered from malware since the earliest days. But it’s not been untouched since its creation, with code referencing OS X 10.10 Yosemite.

    Regardless of whether the malware is really that old or just appears to be, it’s relatively easy to discover and eradicate. Malwarebytes’ own software will do the job, detecting it as OSX.Backdoor.Quimitchin. As the company summarizes, “Ironically, despite the age and sophistication of this malware, it uses the same old unsophisticated technique for persistence that so many other pieces of Mac malware do: a hidden file and a launch agent. This makes it easy to spot, given any reason to look at the infected machine closely (such as unusual network traffic). It also makes it easy to detect and easy to remove.”

    Apple itself is aware of the malware, calling it “Fruitfly,” and has since released an update to protect against future infections. The moral of the story, of course, is that although you might think your Mac is less of a target than Windows 10, you’ll want to make sure to keep an eye on things because malware does exist for MacOS. You should consider running some kind of malware software on your Mac, and scan it periodically with an application like Malwarebytes to make sure you’re not infected.
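
The persistence pattern named in the Malwarebytes quote above (a launch agent that points at a hidden file) can be checked for by reading the launch agent plists in a directory such as `~/Library/LaunchAgents`. This is an added example, not part of the original post and not Malwarebytes' or Apple's code; the function names, plist labels and paths below are constructed for illustration.

```python
import plistlib
import tempfile
from pathlib import Path, PurePosixPath


def hidden_parts(path):
    """Return the dot-prefixed (hidden) components of a POSIX path."""
    return [p for p in PurePosixPath(path).parts
            if p.startswith(".") and p not in (".", "..")]


def audit_launch_agents(agent_dir):
    """Return (plist name, reason, path) for agents that merit a closer look."""
    findings = []
    for plist in sorted(Path(agent_dir).glob("*.plist")):
        try:
            with open(plist, "rb") as fh:
                job = plistlib.load(fh)
        except Exception:  # malformed XML/binary plist: report, keep scanning
            findings.append((plist.name, "unparseable plist", None))
            continue
        if not isinstance(job, dict):
            findings.append((plist.name, "unexpected plist root", None))
            continue
        # launchd runs Program if present, otherwise ProgramArguments[0];
        # the remaining arguments may name a script handed to an interpreter.
        candidates = [job.get("Program")] + list(job.get("ProgramArguments") or [])
        for item in candidates:
            if isinstance(item, str) and hidden_parts(item):
                findings.append((plist.name, "references hidden path", item))
                break
    return findings


def write_constructed_samples(agent_dir):
    """Write two constructed plists: one ordinary, one pointing at a dotfile."""
    samples = {
        "com.example.updater.plist":
            ["/Applications/Example.app/Contents/MacOS/updater"],
        "com.example.client.plist":
            ["/bin/sh", "/Users/alice/.client"],
    }
    for name, args in samples.items():
        job = {"Label": name[:-6], "ProgramArguments": args, "RunAtLoad": True}
        with open(Path(agent_dir) / name, "wb") as fh:
            plistlib.dump(job, fh)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        write_constructed_samples(tmp)
        for finding in audit_launch_agents(tmp):
            print(finding)
```

A hit is a prompt for review rather than a verdict, since some legitimate tools also keep helpers under dot-directories.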