The first malware for Mac of 2017 has been found. Called Fruitfly, this malware has been found by Malwarebytes’ team, developer of the much-appreciated anti-malware software. We still don’t know actually where does Fruitfly come from: it seems that it uses some obsolete code to get into systems unnoticed, or it was originated directly from an old code already available in macOS. As far as we know, the threat has been found only in some Macs in biomedical research facilities, and it may as well be possible that the malware attacks also Linux-based systems.
Fruitfly has been found because it was generating odd network traffic, and it has two files and a script to communicate to specific servers, take some screenshots, attempt to take control of the webcam and record system’s uptime. The script exploits another script to hide its icon on the Dock. The most interesting thing about this new threat is that it seems to be using the code of an old open source project developed in 1998: it exists probably since 2014. It’s unclear at the moment how it spreads itself, for there are not enough information to understand its origins.
Apple is currently investigating and developing an update to solve the problem, keeping all Macs secure. Always install system updates: it’s the only trick that truly works.