A newly discovered family of Mac malware has been conducting detailed surveillance on targeted networks, possibly for more than two years, a researcher reported Wednesday.
The malware, which a recent Mac OS update released by Apple is detecting as Fruitfly, contains code that captures screenshots and webcam images, collects information about each device connected to the same network as the infected Mac, and can then connect to those devices, according to a blog post published by anti-malware provider Malwarebytes. It was discovered only this month, despite being painfully easy to detect and despite indications that it may have been circulating since the release of the Yosemite release of OS X in October 2014. It’s still unclear how machines get infected.
“The first Mac malware of 2017 was brought to my attention by an IT admin, who spotted some strange outgoing network traffic from a particular Mac,” Thomas Reed, director of Mac offerings at Malwarebytes, wrote in the post. “This led to the discovery of a piece of malware unlike anything I’ve seen before, which appears to have actually been in existence, undetected for some time, and which seems to be targeting biomedical research centers.”