Slashdot Mirror
FBI Solves Mystery Surrounding 15-Year-Old Fruitfly Mac Malware Which Was Used By a Man To Watch Victims Via their Webcams, and Listen in On Conversations (zdnet.com)
The FBI has solved the final mystery surrounding a strain of Mac malware that was used by an Ohio man to spy on people for 14 years. From a report: The man, 28-year-old Phillip Durachinsky, was arrested in January 2017, and charged a year later, in January 2018. US authorities say he created the Fruitfly Mac malware (Quimitchin by some AV vendors) back in 2003 and used it until 2017 to infect victims and take control off their Mac computers to steal files, keyboard strokes, watch victims via the webcam, and listen in on conversations via the microphone. Court documents reveal Durachinsky wasn't particularly interested in financial crime but was primarily focused on watching victims, having collected millions of images on his computer, including many of underage children. Durachinsky created the malware when he was only 14, and used it for the next 14 years without Mac antivirus programs ever detecting it on victims' computers. [...]
Describing the Fruitfly/Quimitchin malware, the FBI said the following: "The attack vector included the scanning and identification of externally facing services, to include the Apple Filing Protocol (AFP, port 548), RDP or other VNC, SSH (port 22), and Back to My Mac (BTMM), which would be targeted with weak passwords or passwords derived from third party data breaches." In other words, Durachinsky had used a technique know as port scanning to identify internet or network-connected Macs that were exposing remote access ports with weak or no passwords.
Describing the Fruitfly/Quimitchin malware, the FBI said the following: "The attack vector included the scanning and identification of externally facing services, to include the Apple Filing Protocol (AFP, port 548), RDP or other VNC, SSH (port 22), and Back to My Mac (BTMM), which would be targeted with weak passwords or passwords derived from third party data breaches." In other words, Durachinsky had used a technique know as port scanning to identify internet or network-connected Macs that were exposing remote access ports with weak or no passwords.
Age does not matter when it comes to pornographic images of minors. There have been people under 18 who have gotten in trouble for sexting pictures of themselves, which is technically production & distribution of child pornography.
The FBI comes in and they image everything you've got that they find.
You might be safe now but in the future legitimate things you have might become crimes. You don't know what that might be; even if you do, like parent said, your old backups get lost or the old computer in the basement you didn't recycle or give away because you've not wiped it clean and put that off...
Think about something innocent not this guy's stuff-- and a decade from now the mere possession or mention of such things is a crime. You are not charged with a crime back in time (not allowed) but instead are charged for currently having such materials.
This could be the Anarchist's Handbook you got online in the 90s because everybody was making a fuss about the silly thing. Then after 9/11 they find that in your stuff and get you as a terrorist!
Think.
Democracy Now! - uncensored, anti-establishment news