JANUARY 25, 2017
We love Mac computers as much as anyone does, but even we have to admit the notion of superior cybersecurity can be a bit overblown. Malware still finds its way onto Apple devices, and the only remedy is preparedness. Take a minute to brush up on the first Apple malware of 2017 before it puts a damper on your new year.
Where did it come from?
Dubbed ‘Fruitfly’ by the powers that be at Apple, it looks as though this relatively harmless malware has been hiding inside of OS X for several years. Fruitfly contains code that indicates it was adapted to move from a previous build of OS X to ‘Yosemite,’ which makes it at least three years old.
In fact, there are some lines of code from a library that hasn’t been used since 1998. It’s possible these were included to help hide Fruitfly, but experts have no idea how long it has been holed up inside the infected machines, or who created it.
What does it do?
So far, most of the instances of Fruitfly have been at biomedical research institutions. The administrators who discovered the malware explained that it seems to be written to grab screenshots and gain access to a computer’s webcam.
Considering the specific nature of its victims, and what it can accomplish, Fruitfly seems to be a targeted attack that won’t affect the majority of Mac users. However, Apple has yet to release a patch, and dealing with malware is not something to be put off for another day.
How should I proceed?
We’re always harping on the importance of network monitoring, and now we finally have proof that we are right. Fruitfly was first discovered by an administrator that noticed abnormal outbound network traffic from an individual workstation. Until Apple releases a patch, a better-safe-than-sorry solution is to contact your IT provider about any possible irregularities in your network traffic.
If you don’t have a managed IT services provider, this is the time to start considering one. Despite misconceptions, Apple devices need just as much care and attention as Microsoft and Linux PCs. And it’s not just security; if you want to optimize workstation performance, create a disaster recovery plan, or upgrade your database. Message today to get started.