The researcher has found an unusual piece of malware named FruitFly, that is been infecting some Mac computers for years. Security firm Malwarebytes discovered the first strain earlier this year, but a second version called Fruitfly subsequently appeared.
The Chief security researcher at security firm Synack found 400 computers infected with the newer stain and believes there are likely many more cases out there.
FruitFly operates quietly in the background, spices on users through the camera of the computer, capture images of what is shown on the screen and logs key strokes. Although it is not clarified that for how long FruitFly has been affecting computers. The researchers found a code that was changed to work on the MAC Yosemite operating system, which was released in October 2014. This suggests the malware happen to live before that time.
Wardle, a former NSA analyst, ruled out the possibility of a nation-state hacker who targets users to intercept data for cyber-espionage. He also doesn’t believe it’s a criminal using people’s data to make money.
Wardle says there are multiple strains of FruitFly. The malware has the same spying techniques, but the code is different from each strain.
Wardle added FruitFly is completely new to Macs. He alerted national law enforcement to the malware. The FBI said it does not confirm or deny the existence of investigations. It’s unclear how it got on machines and if it targeted individuals randomly or directly.