The latest research report from the security firm Malwarebytes reveals that the ‘Fruitfly’ malware is on the loose and runs antiquated code on computers running the Macintosh operating system. Apparently, ‘Fruitfly’ is the Mac malware of 2017; it was discovered on 17th January. The antiquated code allows the malware to remain undetected while running in the background. According to the experts from Malwarebytes Labs, the malware is detected as “OSX.Backdoor.Quimitchin”, and it uses some specific code that predates OS X itself.
The ‘Fruitfly’ malware operates on the affected computer with two files and uses a hidden Perl script to communicate with its C&C servers and send screenshots. The malware was first reported by an IT administrator who noticed an unusual amount of outgoing network activity from a computer running Mac. In its research report, Malwarebytes Labs mentioned that the ‘Fruitfly’ malware seems to be targeting biomedical research centers specifically. As mentioned, the malware is very simplistic on the surface; only the following two files were found related to it:
On the other hand, the Perl script includes features for taking screenshots via the shell command “screencapture”. It is also able to get the affected computer’s uptime using the command “uptime”. The most interesting code in the Perl script is found in the __DATA__ section at the end. The script extracts this data, writes it into the %TEMP% folder and executes the malicious files without the victim’s consent.
Despite this, the ‘Fruitfly’ malware uses the same old unsophisticated method for persistence that most Mac malware does: just a hidden file and a launch agent. After analyzing the source code, experts revealed that the Mac malware was not developed by highly experienced professionals. It seems the developers do not know the architecture of the Mac operating system well enough.
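The persistence pattern described above, a hidden file started by a launch agent, can be audited with a short script that parses each launch agent plist and flags launch commands pointing at dot-prefixed paths. This is an added example, not code from Malwarebytes or from the malware; the sample plists, labels and paths in it are constructed.

```python
import plistlib
from pathlib import Path, PurePosixPath

def hidden_components(arg):
    """Path components that start with a dot, i.e. are hidden in Finder and plain ls."""
    return [p for p in PurePosixPath(arg).parts
            if p.startswith(".") and p not in (".", "..")]

def audit_launch_agent(plist_bytes):
    """Return findings for one launch agent plist (XML or binary format)."""
    try:
        job = plistlib.loads(plist_bytes)
    except Exception:
        return ["unparseable plist"]
    if not isinstance(job, dict):
        return ["unparseable plist"]
    args = job.get("ProgramArguments") or []
    command = [job.get("Program")] + (args if isinstance(args, list) else [args])
    findings = [f"hidden path in launch command: {a}"
                for a in command if isinstance(a, str) and hidden_components(a)]
    if findings and (job.get("RunAtLoad") or job.get("KeepAlive")):
        findings.append("starts automatically (RunAtLoad/KeepAlive)")
    return findings

def scan(directories):
    """Audit every *.plist in the given launch agent directories."""
    report = {}
    for d in directories:
        for plist in sorted(Path(d).expanduser().glob("*.plist")):
            try:
                findings = audit_launch_agent(plist.read_bytes())
            except OSError as exc:
                findings = [f"unreadable: {exc}"]
            if findings:
                report[str(plist)] = findings
    return report

# Constructed samples (hypothetical labels and paths, not taken from the malware).
SUSPICIOUS = plistlib.dumps({
    "Label": "com.example.updater",
    "ProgramArguments": ["/usr/bin/perl", "/Users/alice/.updater"],
    "RunAtLoad": True, "KeepAlive": True})
BENIGN = plistlib.dumps({
    "Label": "com.example.sync",
    "ProgramArguments": ["/Applications/Sync.app/Contents/MacOS/sync", "--quiet"],
    "RunAtLoad": True})

if __name__ == "__main__":
    for path, findings in scan(["~/Library/LaunchAgents", "/Library/LaunchAgents"]).items():
        print(path, findings)
```

A hit is a lead for review, not a verdict: some legitimate tools also launch from dot-directories.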
Some sources confirmed that Apple is aware of the ‘Fruitfly’ malware attacks and that experts are working on releasing a patch soon. Until then, you can use your favourite antivirus software to keep your Mac safe.