Fruitfly, First Mac Malware for 2017, Cracked by Researcher

Even though Microsoft dominates the desktop market, malware authors are paying more and more attention to Mac OS. Apple’s operating system is also prone to vulnerabilities, and attackers have succeeded in exploiting them throughout the past two years. A good example of a malicious operation that has moved from Windows to Mac is OSX.Pirrit. Initially adware for Windows, Pirrit was adapted to target Mac computers.

Last year’s security analysis showed that OSX.Pirrit was far more complicated and capable of malicious activities than its Windows counterpart. It didn’t just flood the victim’s browser with ads but could also obtain root access to their system. Overall, Pirrit for Windows may have been a classic adware program injecting intrusive ads into browsers, but the Mac variant was worse.

Researcher Cracked the First Mac Malware for 2017

Why are we telling you all of this? It appears that a researcher has succeeded in cracking what is most likely the first piece of Mac malware for 2017. The reasons for success? The authors used some very old code. The specific targets also made it easy for him to uncover the attack. The malware in question is called Fruitfly and is essentially a backdoor which “contains functions and system calls that precede OS X – Apple’s major rewrite of its operating system that debuted in 2001,” as explained by security researcher Thomas Reed.

The first Mac malware of 2017 was brought to my attention by an IT admin, who spotted some strange outgoing network traffic from a particular Mac. This led to the discovery of a piece of malware unlike anything I’ve seen before, which appears to have actually been in existence, undetected, for some time, and which seems to be targeting biomedical research centers, Reed said.

As mentioned above, Fruitfly is a backdoor designed to take screenshots and gain access to webcams. Fortunately, it turns out that it’s easy to remove and is detected instantly. Nevertheless, it’s been in circulation for at least two years.
The malware has functions and system calls that predate OS X. As pointed out by the researcher, it uses a code library called libjpeg, used for encoding and manipulating JPEG images. Funnily enough, the library used in Fruitfly hasn’t been updated since 1998, which is quite a long time.

The researcher says that there may be a reason hackers are using code this old. It may be because the attackers are not well aware of how Mac machines work. Or it may be because they were trying to avoid triggering behavioral detections that might be expecting newer code.

Milena Dimitrova
