“The first…of the new year,” is often a coveted title – but not always. With a reputation as a hardware provider whose devices outshine its competitors in the field of cybersecurity, Apple certainly isn’t happy that “The first Apple malware of the new year,” was awarded so early on. We strongly believe in the safeguards installed on Mac computers, but that doesn’t mean you can justify a lax stance on cybersecurity. Take a closer look at this latest strain.
Where Did it Come From?
Dubbed ‘Fruitfly’ by the powers that be at Apple, it looks as though this relatively harmless malware has been hiding inside of OS X for several years. Fruitfly contains code that indicates it was adapted to move from a previous build of OS X to ‘Yosemite,’ which makes it at least three years old.
In fact, there are some lines of code from a library that hasn’t been used since 1998. It’s possible these were included to help hide Fruitfly, but experts have no idea how long it has been holed up inside the infected machines, or who created it.
What Does it Do?
So far, most of the instances of Fruitfly have been at biomedical research institutions. The administrators who discovered the malware explained that it seems to be written to grab screenshots and gain access to a computer’s webcam.
Considering the specific nature of its victims, and what it can accomplish, Fruitfly seems to be a targeted attack that won’t affect the majority of Mac users. However, Apple has yet to release a patch, and dealing with malware is not something to be put off for another day.
How Should I Proceed?
We’re always harping on the importance of network monitoring, and now we finally have proof that we are right. Fruitfly was first discovered by an administrator who noticed abnormal outbound network traffic from an individual workstation. Until Apple releases a patch, a better-safe-than-sorry solution is to contact your IT provider about any possible irregularities in your network traffic.
We recommend these additional steps as well:
– Install a full-service internet security suite on your device and keep it updated.
– Keep all software up to date, as this helps to patch vulnerabilities in your software.
– Keep your firewall turned on.
– Never click on suspicious links or open suspicious emails.
– Don’t chat with strangers online.
– Lock down your wireless network with a strong, unique password.
– For maximum security, use a virtual private network.
This particular malware targets Apple products, but in the age of the Internet of Things it is vital to understand that hackers and malware are compromising webcams on all devices. Once the culprits are in your webcam, they can access anything that you have linked to your network. For additional advice and resources on how to keep your network secure, email us at firstname.lastname@example.org.