Skip to content

January 11, 2018

Malware charged for 13-year spying spree

by John_A

You don’t need an elaborate crime ring (or a government agency) to write malware that spies on others — sometimes, just one person can be responsible. The US Department of Justice has charged Ohio resident Philip Durachinsky with 16 crimes for allegedly writing malware, nicknamed “Fruitfly,” that gave him unfettered access to the PCs of “thousands” of individuals and institutions between 2003 and January 2017. Reportedly, he not only stole sensitive data to use for fraud and blackmail (such as logins, embarrassing chats and medical records) but took screenshots, logged keystrokes and spied on people through their webcams.

The DOJ also alleged that Durachinsky used victims’ PCs as a kind of malicious search engine. Fruitfly would alert him when users typed in words associated with porn, helping him save “millions” of images and take “detailed notes.” The charges (which mostly cover violations of the Computer Fraud and Abuse Act and the Wiretap Act) include an indictment for the production of child porn, but it’s not clear to what degree the images or the eavesdropping were involved.

Whether or not the charges are validated in court, the claims serve as not-so-subtle reminders that backdoor malware can sometimes be created for entirely personal reasons, not just by gangs looking for profit or spies collecting intelligence. You don’t have to be an obvious target to be a victim, and good security policies are important even if you don’t think you have anything particularly valuable.

Source: Department of Justice

Advertisements
Read more from News

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Note: HTML is allowed. Your email address will never be published.

Subscribe to comments

%d bloggers like this: