The Fruit Fly malware is designed to exploit web cams that are used for surveillance. There are both Windows and Mac versions. Attribution is currently unknown; however, Fruit Fly has been installed in numerous university research centers, which have long been of particular interest to Chinese state actors looking to obtain intellectual property in order to accelerate their own research and development efforts.
Wapack Labs has extensively reported on surveillance and malware in the past. An archive of related reporting can be found in the Red Sky Alliance Portal.
TLP: AMBER
ACTOR TYPE: (IV)
SERIAL: FR17-001
COUNTRIES: All
INDUSTRIES: All, Academia
REPORT DATE: 20170221
