Hopeinen Omena

Iltalehti kertoo salaperäisestä Fruitfly-haittaohjelmasta Maceissa, onko meidän tietoturvaukkeleilla asiasta kommentoitavaa?

Tietoturvatutkijat ovat löytäneet salaperäisen Fruitfly-haittaohjelman, joka on pysytellyt tutkan alla vuosia saastuttaen satoja Mac-koneita, uutisoi Tivi.

Teknologiajulkaisu Motherboardin mukaan Fruitflyn ensimmäinen versio havaittiin vuonna 2015, ja nyt haitakkeesta on löytynyt uusi versio, Fruitfly 2.

Järki käteen, Iltalehti repii taas otsikoita...

https://discussions.apple.com/thread/80 ... 0&tstart=0

Arsissa juttu.

https://arstechnica.com/security/2017/0 ... for-years/

A mysterious piece of malware that gives attackers surreptitious control over webcams, keyboards, and other sensitive resources has been infecting Macs for at least five years. The infections—known to number nearly 400 and possibly much higher—remained undetected until recently and may have been active for almost a decade.

Samassa jutussa myös seuraavaa:
"One of the interesting aspects of the latest Fruitfly variant is that it flew under the radar for so long. The malware relies on functions that were retired long ago and uses a crude method to remain installed once a Mac is infected. Compared to newer, more sophisticated malware, Fruitfly is much easier to detect. And yet, for whatever reason, no one caught it until recently. Two pieces of Mac software developed by Wardle would have given victims a strong indication they were infected. One, called BlockBlock, would have warned of the suspicious launch agent used by the malware. A second tool, called Oversight, provides notification anytime an app attempts to access a Mac's webcam or microphone. A recent submission to the VirusTotal malware detection service shows that 19 of the top 56 AV- and endpoint-protection products now detect the malware."

Miksi haittaohjelmaa löydetty aiemmin? No ehkä ihan vaan siksi ettei se ole levinnyt juuri minnekään.

Antivirus-yritykset hymyilevät taas lukiessaan näitä pelotteluja....

Hei!

Lähde: https://www.cnet.com/news/mac-fruitfly- ... -the-wild/

"Wardle's early analysis was that as many as 90 percent of the victims were in the US, according to the article, with no obvious connection between the users. Based on the target victims, however, Wardle thought the malware was run by a single hacker "with the goal to spy on people for perverse reasons" than a nation state attacker. While he wouldn't comment on how many were affected by the malware, he suggested it wasn't widespread.

"I believe the attacker is MIA [missing in action]," Wardle told CNET, "so I don't think people are still being targeted with this malware. Also it likely required user interaction to infect a Mac computer (you'd have to be tricked into downloading/running something). But the malware itself still runs on MacOS," he added.

eli rauha maassa.

-Securapple