Phillip R. Durachinsky, of North Royalton, Ohio, is alleged to have used Mac malware known as “Fruitfly” to remotely control victims’ computers, access and upload files, grab screenshots, log keystrokes, and surreptitiously spy via infected computer’s webcams.
Durachinsky, who faces multiple charges including Computer Fraud and Abuse Act violations, Wiretap Act violations, and identify theft, is said to have created a visual interface that allowed him to retrieve live images from several infected computers simultaneously.
In the indictment, Durachinsky is said to have used malware he created between 2003 and January 2017 to steal personal data, tax records, passwords, and “potentially embarrassing communications.”
According to the indictment, Durachinsky used stolen usernames and passwords to hack into his victims’ online accounts and steal further information, keeping detailed notes on his victims.
Computers said to have been infected by the Fruitfly malware are said to have included thousands of individuals, businesses, schools, a police department, and government.
According to the Department of Justice, although the malware’s primary victims were Mac users, variants of the malware were also used to infected PCs running Windows.
But perhaps what stands out the most is the claim that FruitFly was successfully hiding unnoticed on victims’ computers for so many years.
“For more than 13 years, Phillip Durachinsky allegedly infected with malware the computers of thousands of Americans and stole their most personal data and communications,” said Acting Assistant Attorney General Cronan. “This case is an example of the Justice Department’s continued efforts to hold accountable cybercriminals who invade the privacy of others and exploit technology for their own ends.”
Mac malware is far less frequently encountered than Windows malware, but that doesn’t mean the problem is non-existent – it just means that the sheer amount of Windows-based malware released every day is staggering.
Mac users would be wise to ignore claims that the platform is somehow magically malware-proof, and protect themselves with a layered defence to reduce the chances of being spied upon or having their data stolen.