Fruitfly Mac Malware Creator Charged

Yolanda Curtis
January 14, 2018

An Ohio man allegedly used malware to secretly hijack thousands of webcams.

According to the indictment, 28-year-old Phillip R. Durachinsky is the alleged author of FruitFly malware that was found targeting Apple Mac users earlier last year worldwide, primarily in the United States.

A computer programmer from OH has been charged in a 16-count indictment with creating the "Fruitfly" malware and installing it on unwitting victims' computers with the alleged intent of spying and creating child porn. If that's not bad enough, not only did Durachinsky store millions of images from infected computers, he also used that access to take pictures of naked children via the webcams on the infected Macs, hence the child pornography charge.

Durchinsky spent around 13 years spying on people from all across the country.

JaTodd Terrell Mc Mahon
JaTodd Terrell Mc Mahon

A statement from the US Department of Justice said Phillip Durachinsky had watched, listened to, and obtained personal data from his victims.

Authorities say a computer hacker in OH spied on people, companies and even a police department, sometimes using cameras and microphones of compromised computers to record young people having sex without their knowledge. Security firm Malwarebytes past year also found that the malware had infected biomedical research institutions.

Def Con 25 presenation: Patrick Wardle talk offensive malware analysis as he dissects OS X Fruitfly.

The Ohio hacker faces up to 20 years in prison.


In July 2017, Wardle presented his findings at the Def Con security conference in Las Vegas.

What Fruitfly proved was that Mac software was no more secure than any other operating system and it could be knocked over by a 15 year old. Fruitfly also alerted Durachinsky if an infected computer's owner typed words associated with pornography.

The indictment also alleges that Durachinsky produced child pornography. Wednesday's indictment provided no details about the Windows version of Fruitfly or whether Linux computers were targeted as well. He is alleged to have developed computer malware later named "Fruitfly" that he installed on computers and that enabled him to control each computer by accessing stored data, uploading files, taking and downloading screenshots, logging a user's keystrokes, and turning on the camera and microphone to surreptitiously record images and audio.

To store the information and obscure the activity, Fruitfly needed bandwidth and storage.


You might remember the sinister Fruitfly malware that came to light previous year.

"Defendant used certain Fruitfly victims' computer networks to access sufficient bandwidth to allow the Fruitfly malware to infected protected computers", not only in OH but worldwide, the indictment reads.


Other reports by iNewsToday

FOLLOW OUR NEWSPAPER