Published: Sun, January 14, 2018
Hi-Tech | By Grace Becker

Prolific hacker from OH indicted, developed 'Fruitfly' malware to spy on thousands

Prolific hacker from OH indicted, developed 'Fruitfly' malware to spy on thousands

Fruitfly is a Mac targeted Malware and was not ever discovered till January of 2017.

The US Department of Justice has revealed an indictment against 28-year Phillip Durachinsky, of North Royalton, Ohio. According to the indictment, Durachinsky used the computers to record minors having sex over a five year period.

Authorities say cyber experts have had him on their radar as he previously hacked into schools, companies, and local police departments. But six months later, Patrick Wardle, now chief research officer at Digita Security, showed that the malware was still out in the wild, just not as widespread.

So far, it is not clear how Fruitfly infects computers, but since there is no evidence it exploited vulnerabilities, it likely gained access by tricking victims into clicking on malicious Web links or email attachments.

The suspect allegedly saved "millions of images and often kept detailed notes of what he saw".

The malware enabled him to capture screenshots from victims' computers, log their keystrokes, and turn on the camera and microphone to stealthily record images and audio, the Justice Department wrote in a news release. The malware would notify Durachinksy if his victims typed words associated with pornography on their computers and the hacker is alleged to have collected child pornography through the virus.

'American Gods' EP Bryan Fuller Developing Anne Rice Series
The second, is the announcement of this thrilling partnership with Paramount Television and Anonymous Content. Bryan Fuller has apparently found a new project after departing both Star Trek: Discovery and American Gods .

A statement from the US Department of Justice said Phillip Durachinsky had watched, listened to, and obtained personal data from his victims. According to the indictment, Durachinsky used stolen logon credentials to access and download information from third-party websites.

Within this week's complaint, prosecutors also asked the court to order that Durachinsky forfeit any property he derived from his 13-year campaign, an indication that they allege he sold the images and data he acquired to others.

"Defendant used certain Fruitfly victims' computer networks to access sufficient bandwidth to allow the Fruitfly malware to infected protected computers", not only in OH but worldwide, the indictment reads.

A probe of Durachinsky's computer found software for the malware.

"Interestingly, Durachinsky was just 14 years old when he programmed the first version of the FruitFly malware, and this full-fledged backdoor trojan went largely undetected for several years, despite using unsophisticated and antiquated code".

Last year, Case Western Reserve University contacted the Federal Bureau of Investigation in Cleveland to report that a hacker had installed malware on their network. Once he captured login credentials for Fruitfly-infected machines, Durachinsky is accused of creating virtual machines on those computers.

Like this: