Skip to main content

Malwarebytes finds the ‘first Mac malware of 2017,’ and Apple calls it ‘Fruitfly’

macos sierra update windows 10 creators install features
Bill Roberson/Digital Trends
Apple’s MacOS, once known as OS X, is believed by many to be completely free of malware — so free, in fact, that you don’t need to run any kind of software to protect against it. That’s for those Windows users to worry about.

MacOS is indeed less of a target than Windows 10, and whether that’s because it’s used on less than 8 percent of all PCs or that it’s inherently more secure has been a topic of some debate. Nevertheless, the fact is that you’re not completely worry-free running a Mac. And now, some researchers at security software company Malwarebytes have found the first piece of MacOS malware for 2017.

Malwarebytes was informed of the new malware by a particularly perceptive IT administrator, who noticed that one of his Macs was engaging in some unusual network traffic. As Malwarebytes staff looked into things, they discovered a piece of malware written with “antiquated code” that had likely existed — primarily on biomedical research center computers — for some time.

The code is simple but ingenious, made of only two files but capable of communicating with a remote command and control server, and of taking screenshots and sending them along. Some of the code made calls to functions that haven’t existed since before OS X, marking the code as evidence that Macs have indeed suffered from malware since the earliest days. But it’s not been untouched since its creation, with code referencing OS X 10.10 Yosemite.

Regardless of whether the malware is really that old or just appears to be, it’s relatively easy to discover and eradicate. Malwarebytes’ own software will do the job, detecting it as OSX.Backdoor.Quimitchin. As the company summarizes, “Ironically, despite the age and sophistication of this malware, it uses the same old unsophisticated technique for persistence that so many other pieces of Mac malware do: a hidden file and a launch agent. This makes it easy to spot, given any reason to look at the infected machine closely (such as unusual network traffic). It also makes it easy to detect and easy to remove.”

Apple itself is aware of the malware, calling it “Fruitfly,” and has since released an update to protect against future infections. The moral of the story, of course, is that although you might think your Mac is less of a target than Windows 10, you’ll want to make sure to keep an eye on things because malware does exist for MacOS. You should consider running some kind of malware software on your Mac, and scan it periodically with an application like Malwarebytes to make sure you’re not infected.

Editors' Recommendations

Mark Coppock
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
Everything announced at Apple’s ‘Scary Fast’ event: iMac, M3, and more
Apple revealing new Macs at an event.

Apple's unexpected "Scary Fast" event has wrapped, and the 30-minute presentation was packed full of announcements. Headlining the showcase was Apple's new M3 chip, which is showing up in a variety of devices in just a week from now.

We have the lowdown on everything Apple announced at its unprecedented fall event, which kicks off the third generation of Apple's silicon with two major product updates.
M3 family of chips

Read more
Apple may have great news for Mac gamers at its ‘Scary Fast’ event
How to play Fortnite on Mac

Apple’s “Scary Fast” event is just around the corner, and we already know Macs will be the focus. But a claim has just been made that Apple will dedicate much of the October 30 show to Mac gaming, which could be good news for anyone who enjoys playing games on Apple’s computers.

That’s the assertion made by MacRumors, and the news outlet puts forward several pieces of evidence to back up its ideas. In the end, it makes a lot of sense -- but there’s still no definitive proof.

Read more
Apple’s next Mac event promises ‘scary fast’ reveals
Man using a 24-inch M1 iMac.

Apple finally confirmed its next event for 5 p.m. PT on Monday, October 30, and it's where we expect the company to introduce new Macs. The event, which carries the tagline "Scary Fast," will be streamed on Apple's website and Apple TV, but that's just about all of the details we know about the event right now.

The teaser on Apple's website shifts between the Apple logo and the Finder logo, further suggesting Apple will be talking about new Macs. The announcement comes about a week after prominent Apple analyst Ming-Chi Kuo revealed that an upcoming refresh to Apple's 24-inch iMac had been delayed to 2024.

Read more