Mac Developer: “Perverse” malware infecting hundreds of Macs remained undetected for years | Ars Technica
“Perverse” malware infecting hundreds of Macs remained undetected for years | Ars Technica: "One of the interesting aspects of the latest Fruitfly variant is that it flew under the radar for so long. The malware relies on functions that were retired long ago and uses a crude method to remain installed once a Mac is infected. Compared to newer, more sophisticated malware, Fruitfly is much easier to detect. And yet, for whatever reason, no one caught it until recently. Two pieces of Mac software developed by Wardle would have given victims a strong indication they were infected. One, called BlockBlock, would have warned of the suspicious launch agent used by the malware. "
BlockBlock, like I said, good things.
Labels: security research