‘Insidious and sick’ Fruitfly malware has been spying on Mac users via their computer’s camera for YEARS

A type of malware that has infected hundreds of Macs remained undetected for years

FruitFly malware uses the Mac’s camera to spy on users and log what is happening on screen.

A security firm called Malwarebytes discovered FruitFly earlier this year, but researchers have since found a new strand of it hiding under a slightly different code.

Scroll down for video

FruitFly uses the computer's camera to spy on users and logs what is happening on screen - and it's been infecting computers for years (stock image)

FruitFly uses the computer’s camera to spy on users and logs what is happening on screen – and it’s been infecting computers for years (stock image)

FRUITFLY

FruitFly uses the computer’s camera to spy on users and captures key strokes and what is happening on screen – and it’s been infecting computers for years.

There are multiple strains of FruitFly which rely on different codes, making it particularly hard to detect.

According to security firm Synack, there are around 400 computers known to be infected with FruitFly and likely to be many more.

Although they are not sure when the bug first came around, researchers have found it works on the Mac Yosemite operating system – which was released back in October 2014.

According to security firm Synack, there are around 400 computers known to be infected with FruitFly and likely to be many more.

Although they are not sure when the bug first came around, researchers have found it works on the Mac Yosemite operating system – which was released back in October 2014.

‘Mac users are over-confident’, Patrick Wardle, chief security researcher at security firm Synack told CNN.

‘We might not be as careful as we should be on the internet or opening up email attachments’, he said.

Mr Wardle anaylsed the strain for months and then managed to decrypt it to set up a server that intercepted signals from computers that had been infected.

‘Immediately, tons of victims that had been infected with this malware started connecting to me,’ he said.

There are multiple strains of FruitFly which rely on different codes, making it particularly hard to detect.

It is now known how it first got on computers but Mr Wardle does not believe it is part of state espionage.

MacSpy (pictured) allowed users to monitor an infected system, capture passwords and other sensitive details through the use of key stroke logging, screenshots and clipboard contents

MacSpy (pictured) allowed users to monitor an infected system, capture passwords and other sensitive details through the use of key stroke logging, screenshots and clipboard contents

MACSPY AND MACRANSOM

In June, Mac users were warned to be vigilant after two separate pieces of malware emerged from the dark web – MacSpy and MacRansom.

MacSpy allowed users to monitor an infected system, capture passwords and other sensitive details through the use of key stroke logging, screenshots and clipboard contents.

MacRansom worked in a similar manner to the WannaCry software that plagued computer systems around the world, including the NHS, last month.

It encrypted the contents of a user’s computer and threatens to delete all of the information it contains, unless a ransom of 0.25 Bitcoins, around £530 ($684), is paid.

‘I believe its goals were a lot more insidious and sick: spying on people,’ Mr Wardle said

Apple has been contacted for comment.

In June, Mac users were warned to be vigilant after two separate pieces of malware emerged from the dark web.

The tools were specifically developed to allow would-be hackers to takeover Apple’s desktop and laptop machines, and even ransom their data.

They were being given away for free by their creators, who are believed to be professional software engineers.

The two systems were called MacSpy and MacRansom.

MacSpy allowed users to monitor an infected system, capture passwords and other sensitive details through the use of key stroke logging, screenshots and clipboard contents.

MacRansom worked in a similar manner to the WannaCry software that plagued computer systems around the world, including the NHS, last month.

It encrypts the contents of a user’s computer and threatens to delete all of the information it contains, unless a ransom of 0.25 Bitcoins, around £530 ($684), is paid.

[“Source-dailymail”]