Mac security allowed 15 year-old perve to spy

Share

Just hours ago, the US Department of Justice (DOJ) has filed official charges against an OH man for allegedly developing and infecting thousands of Americans with the Fruitfly Mac malware.

Durachinsky is further alleged to have watched and listened to victims without their knowledge or permission and intercepted oral communications taking place in the room where the infected computer was located.

Durachinsky spied on thousands of people, plucking millions of photos and other sensitive data from their computers, while keeping "detailed notes of what he observed", according to the indictment. Patrick Wardle, chief research officer at Digita Security who discovered one strain of the malware infecting Macs, saw at least 400 infected computers.

The computer programmer allegedly used the malware to steal the personal data of victims, including their tax records, logon credentials, medical records, photographs, banking records, internet searches and potentially embarrassing communications.

What Fruitfly proved was that Mac software was no more secure than any other operating system and it could be knocked over by a 15 year old.

Durachinsky also purportedly used stolen login credentials to access and download information from third-party websites.

CES 2018 | Nissan is working on cars that can read your mind
To use, the driver wears a device that measures brain activity, which is then analyzed by the vehicle's autonomous systems. Nissan would probably need some sort of less intrusive version if the technology was be practical for the market.

The current indictment does not list specific victims, but Durachinsky was arrested previous year after a series of hacks at Case Western Reserve University were reported.

Besides the creep factor, a stunning thing about Fruitfly is that it is both unsophisticated and relatively easy to spot, yet according to the DoJ, Durachinsky was able to use it undetected from 2003 until January 2017, when he was arrested and jailed on another charge.

According to Forbes, Durachinsky has been in custody since he was arrested in January a year ago and is now awaiting trial.

An Ohio man is charged with allegedly developing and using malware to spy on thousands of computers in the U.S. The suspect, in addition to allegedly targeting individuals, also allegedly infected computers belonging to police departments, schools, companies and the federal government, including the US Department of Energy.

"Durachinsky is alleged to have utilized his sophisticated cyber skills with ill intent, compromising numerous systems and individual computers", said Special Agent in Charge Anthony. He then gave his findings to law enforcement, which may have provided the evidence used to bring this week's indictment.

Wardle concluded that Fruitfly "was created by a hacker or some malware author to basically spy on victims for perverse reasons, which kind of sucks".

Share