Not every form of malware is a conspiracy involving a state-sponsored actor. That’s the main takeaway following the arrest of an Ohio man alleged to be behind the Fruitfly macOS malware.

Phillip R. Durachinsky, 28, of North Royalton, Ohio was indicted Wednesday by the Department of Justice on 16 charges covering Computer Fraud and Abuse Act violations, Wiretap Act violations, production of child pornography and aggravated identity theft.

Durachinsky is alleged to have created the Fruitfly malware 13 years ago and used it since to secretly spy on Mac users including making recordings from victim’s webcam and microphone, viewing what’s on the screen, controlling the keyboard and mouse and remotely downloading files. If that’s not bad enough, not only did Durachinsky store millions of images from infected computers, he also used that access to take pictures of naked children via the webcams on the infected Macs, hence the child pornography charge.

Along with thousands of individual victims, Durachinsky is also said to have accessed computers owned by “companies, schools, a police department, and the government, including one owned by a subsidiary of the U.S. Department of Energy,” according to the Justice Department.

Arrests of hackers aren’t exactly new, but what is different in this case is that the Fruitfly malware had previously been linked to state-sponsored espionage.

Fruitfly was discovered in January 2017 when it was described by security researchers as using “antiquated code to gain access to infected Apple computers” and that it “appears to have actually been in existence, undetected, for some time.” That same report claimed that Fruitfly had seemingly been “designed to target only biomedical research computers, suggesting that Chinese or Russian hackers seeking information from U.S. and European companies may have designed it.”

Predicting the intent behind any form of malware does require a certain amount of guesswork. But at a time when state-sponsored actors a regularly blamed for anything and everything, it’s important to remember that sometimes it’s just a sicko sitting in a basement in Ohio trying to catch nude pictures of children instead.

Photo: Department of Justice