The mystery of the Fruitfly macOS malware has apparently been solved: a 28-year-old Ohio man, Durachinsky, was charged on Wednesday with creating the malware and installing it on thousands of computers over a period of more than 13 years.
The FBI arrested Durachinsky in January 2017 after his malware was found on Case Western Reserve University's computer system, according to court filings.
Federal prosecutors also say he stole login credentials, bank records and photos. According to the indictment released Wednesday, the malware gave Durachinsky remote access to infected computers from his home in North Royalton, Ohio, about 20 miles south of Cleveland in Cuyahoga County.
The victims ranged from individuals to companies, schools, a police department and government entities, including one owned by a subsidiary of the US Department of Energy. That breadth sits oddly with an earlier analysis of Fruitfly, which claimed the malware had seemingly been "designed to target only biomedical research computers, suggesting that Chinese or Russian hackers seeking information from US and European companies may have designed it". Six months after the January 2017 discovery, Patrick Wardle, now chief research officer at Digita Security, showed that Fruitfly was still in the wild, though no longer widespread.
According to the indictment, the suspect saved "millions of images and often kept detailed notes of what he saw".
Fruitfly allowed Durachinsky to turn on victims' cameras and microphones to record images and audio, upload files to their computers, take and download screenshots, log keystrokes and access their data. "This case is an example of the Justice Department's continued efforts to hold accountable cybercriminals who invade the privacy of others and exploit technology for their own ends", said Acting Assistant Attorney General Cronan.
Durachinsky has also been charged with using minors to engage in sexually explicit conduct. Prosecutors say he ran a control panel from his home in Ohio that let him watch live images and data from multiple infected computers at once.
Forbes reported that Durachinsky was first charged a year ago with hacking into computers at Case Western Reserve University (CWRU), which had told the Federal Bureau of Investigation that 100 of its computers were infected. According to Forbes, he has been in custody since his arrest in January 2017 and is now awaiting trial.
More disturbingly, the DOJ says Durachinsky configured Fruitfly to alert him whenever a user typed words associated with pornography. He is also accused of using login credentials captured from Fruitfly-infected machines to create virtual machines on those computers.