Wardle, an ex-NSA hacker chief, is now the chief security researcher for Synack, and over the past few months he’s been hot on the trail of an incredibly elusive bit of malware called Fruitfly.
As malware goes, Fruitfly is ancient, with code dating back as far as 1998. A few months back, when word of the malware finally surfaced, Apple was quick to patch its OS, closing the gaps in its security protocols that the hackers took advantage of to make the malware work.
According to Wardle, the hackers have been busy, and Fruitfly2 is now making the rounds, quietly infecting more computers.
It’s very unconventional as malware goes, and its primary mission seems to be surveillance. There’s no ransomware component or keylogging software. It simply watches and gathers data.
As yet, no one knows who’s behind Fruitfly, although given its unconventional nature and the fact that it has only ever been found on computers used at biomedical firms, the best guess is that it’s a corporate product used to conduct espionage.
Because of its unobtrusive nature and the fact that it doesn’t outwardly impact a user’s system, it has been able to fly under the radar for years. Although Wardle has identified more than 400 machines that have been infected, he readily admits that the number could be much higher.
The search continues for more clues about who might be behind the software, and what their ultimate aims might be, but for now, if you’re a Mac user working in the biomedical field, be warned. Fruitfly2 is out there, and it’s very hard to spot. Someone may be spying on you. In fact, they may have been spying on you for years.