Quimitchin, referred to by Apple as “Fruitfly,” is a trojan that targets the Mac OS X operating system. Researchers at Malwarebytes discovered the trojan in cyberespionage attacks targeting biomedical research centers. It captures screenshots and accesses webcams with the goal of exfiltrating all data. The malware code is simplistic, comprising only two files, and relies on antique system calls dating back to 1998; however, it was still able to go undetected for several years. The attack vector has not been disclosed, but the malware is easy to detect and remove. Apple has already released an automatic update to protect against this threat.
- January 2017: New “Quimitchin” Mac malware emerges targeting scientific research. (SecurityWeek)
- Malwarebytes provides technical details on the Quimitchin malware here.