One of the big appeals of Mac computers is that they are less prone to viruses because hackers prefer to create viruses for more popular operating systems. Mac computers end up holding sensitive information in research institute labs, but using a Mac is not a foolproof way of protecting information. The internet security company Malwarebytes has just announced the discovery of a new and concerning piece of malware on Mac computers, one that works by exploiting antiquated code.
The First Mac Malware of 2017 Discovered in Biomedical Labs
The popular internet security service Malwarebytes has announced the existence of a previously unknown type of malware on Macs. In a blog post on their Malwarebytes Labs site, Apple security expert Thomas Reed details the discovery of this new virus. He first started looking into it when an IT admin noticed that a Mac computer was sending out some strange outgoing network traffic.
After digging around in the Mac’s files, Reed found malware that consisted of only two small files. He noted that these files contained “truly ancient functions, as far as the tech world is concerned.” The relatively simple malware used older methods of functioning, so it was not detectable on newer Mac operating systems. Timestamps in the code gave more information about the age and the purpose of the malware.
It seems to have been working since at least October of 2014, and it can be used to take information from computers. Further investigation revealed that the malware was mostly targeting biomedical research centers. Reed theorizes that the malware was not known because it was just used in a few targeted attacks to steal scientific research.
After Reed’s blog post, Apple told the public that they were working on a fix now that they were aware of the issue. It was later resolved with a silent update to Mac computers.
The Impact of This New Fruitfly Malware
The Fruitfly malware has been found in biomedical labs because its main goal is just to take information from the computer. It communicates with a command and control server that can instruct infected computers. Once the malware is on a computer, it can type, take screenshots, view webcam images, and control a mouse cursor.
This can be used to potentially steal scientific data from biomedical research institutes, but so far, no biomedical labs have mentioned any suspicions of rival institutes using their research. The Fruitfly malware itself may not be too damaging for the average Mac user, but it reveals a concerning weakness in the Mac operating system.
The malware uses a lot of older code that dates back to 1998, and it relies on pre-OS X system calls. This approach helped to hide the malware’s existence for a few years because many people only looked at more recent code for the behavioral detections that revealed the malware.
What made it so well hidden is the fact that this type of malware is only discovered if someone happens to look at the infected portion of the code very closely. The malware itself was very simple, yet it took at least two or three years for Malwarebytes to discover it.
The Next Steps to Removing the Malware
The main problem with the Fruitfly malware is just that it may have been used to steal sensitive information, and it reveals that old system calls can be used to hide malware on Macs. Fortunately, the Fruitfly malware is fairly easy to get rid of if it happens to end up on your computer. Apple has already released a silent update for the Mac operating system that gets rid of it.