Fruitfly Mac Malware Creator Charged


One year ago, a malicious program for Mac, nicknamed Fruitfly, surfaced.

Durachinsky was identified as the hacker behind the Fruitfly virus after the malware infected more than 100 computers at Case Western Reserve University. The charges (which mostly cover violations of the Computer Fraud and Abuse Act and the Wiretap Act) include an indictment for the production of child porn, but it's not clear to what degree the images or the eavesdropping were involved.

Durachinsky spent around 13 years spying on people from all across the country.

The government charges Durachinsky with stealing sensitive information including passwords, tax, bank and medical records, photographs, web searches and "potentially embarrassing communications", the Justice Department said in a news release. But six months later, Patrick Wardle, now chief research officer at Digita Security, showed that the malware was still out in the wild, just not as widespread. In a finding that proved prescient, about 20 percent of the infected machines were in Ohio.

The Fruitfly malware was also the subject of a presentation at the Black Hat USA 2017 and DEF CON 2017 security conferences. And while it was only recently discovered, it had been in existence for a while, at least since before 2014: part of its code indicated it had been modified for the Mac Yosemite operating system, which was released that year.

Screenshot from Patrick Wardle's Fruitfly Def Con presentation.

"It is this kind of collaboration that has enabled authorities to bring this cyber hacker to justice."

It said he saved millions of images, kept detailed notes on what he observed, and designed the malware to alert him if a user typed words associated with pornography.

The indictment also alleges that Durachinsky produced child pornography.

It's still unclear how Fruitfly ended up on computers.

The malware gave him access to data and allowed him to upload files, take and download screenshots, track keystrokes, and turn on the camera and microphone, and record it all.

Phillip Durachinsky, 28, was indicted for infecting thousands of computers with malware that allowed him to secretly hijack webcams in order to watch and listen to unknowing victims for over a decade.

To store the information and obscure the activity, Fruitfly needed bandwidth and storage.

More intriguing still at the time, Malwarebytes found Windows-based malware that connected to the same control servers used by Fruitfly. They knew that malware dubbed Fruitfly captured screenshots and webcam images and had been installed on hundreds of computers in the United States and elsewhere, possibly for more than a decade.
