FruitFly

Malware Profile Updated 13 days ago
Download STIX
Preview STIX
The Fruitfly malware is a harmful program that is designed to exploit and damage computers and devices. It can infect systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside a system, Fruitfly has the capability to capture screenshots and webcam images, as well as gather information about other devices connected to the same network and establish connections with them. In the case of FruitFly, one of its main components is a backdoor located at /Users/user/.client. This backdoor enables unauthorized access and control over the infected system. A custom mouse and keyboard sniffer was developed and open-sourced on GitHub (https://github.com/objective-see/sniffMK) for the analysis of this malware. Through this sniffer, it was discovered that FruitFly allows remote attackers to generate both simulated mouse and keyboard events, further enhancing their control over the compromised system. FruitFly represents a significant threat to computer and device security due to its ability to surreptitiously capture sensitive information and gain unauthorized access to connected devices. Users should exercise caution when downloading files, opening emails, or visiting websites to mitigate the risk of infection. Additionally, it is crucial to maintain up-to-date antivirus software and regularly scan systems for malware to detect and remove any potential infections.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Associated Malware
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Threat Actors
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Associated Vulnerabilities
To see the evidence that has resulted in this association, create a free account
IDTypeVotesProfile Description
No associations to display
Source Document References
Information about the FruitFly Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
SourceCreatedAtTitle
MITRE
a year ago
Mac Malware of 2017
CERT-EU
10 months ago
All the Mac malware we know about