Prosecutors say Mac spyware stole millions of user images over 13 years

Hacker indicted for breaking into computers at CWRU and other institutions

Federal Indictment Alleges 28-Year-Old Cleveland Man is Creator of 'Fruitfly' Malware, Spied on Thousands of Computers Over 13 Years

"The U.S. Justice Department unsealed 16-count indictment charges on Wednesday against a computer programmer from OH who is accused of creating and installing spyware on thousands of computers for more than 13 years". Court documents say the 28-year-old watched and listened to people without their knowledge by hijacking computer webcams.

Authorities say cyber experts have had him on their radar as he previously hacked into schools, companies, and local police departments.

Durachinksy was identified as the hacker behind the Fruitfly virus after the malware infected more than 100 computers at Case Western Reserve University.

He allegedly used his creation to turn on thousands of infected systems' microphones and webcams, capture images, log keystrokes, and steal tax and medical records, photographs, Internet searches, and bank transactions. He was charged with 16 counts in federal court, including violating the Computer Fraud and Abuse Act, plus wire fraud, aggravated identity theft, illegal wiretapping and child pornography.

According to Forbes, which reported the indictment earlier, Durachinsky was arrested in January of previous year and has been in custody ever since.

Ramaphosa: ANC is the parliament of the people of South Africa
Mr Ramaphosa, who is also the Deputy President of South Africa , congratulated President Kenyatta for winning the 2017 election.

But apparently that arrest was not connected to Fruitfly, even though this was when the spyware was discovered. But six months later, Patrick Wardle, now chief research officer at Digita Security, showed that the malware was still out in the wild, just not as widespread.

Within two days of registering one of them, nearly 400 infected Macs connected to his server, mostly from homes in the US. "The FBI would like to commend the compromised entities that brought this to the attention of law enforcement authorities". That same report claimed that Fruitfly had seemingly been "designed to target only biomedical research computers, suggesting that Chinese or Russian hackers seeking information from US and European companies may have designed it".

Officials believe surveillance was the primary objective of "FruitFly", which was able to spy on people by using the webcam. "This didn't look like cybercrime type behavior, there were no ads, no keyloggers, or ransomware", Wardle told Forbes "Its features had looked like they were actions that would support interactivity: it had the ability to alert the attacker when users were active on the computer, it could simulate mouse clicks and keyboard events".

Durachinsky was arrested a short time later, but it has taken federal investigators much of the past year to complete the inquiry, producing Wednesday's charges.

Sophos detects Firefly as OSX/Bckdr-RUA and Troj/Bckdr-RUC.

Latest News