Apple Mac devices may have been unwittingly harbouring malware for years, without it ever being detected by antivirus software.

An ex-NSA hacker has discovered a mysterious piece of software on Mac devices that he described as “unique” and “intriguing”. It’s thought the malware is a strain of ‘FruitFly’, which has been infecting systems for nearly a decade.

FruitFly is a rather vexing prospect as, despite being a simplistic piece of software, it somehow managed to evade detection for years. When it was finally discovered in 2015, cyber security experts were surprised at its apparent age – given away by what they called ‘ancient’ functions.

When installed, FruitFly monitors users through screen capture, keystrokes and webcams.

There’s also the issue of its successor, FruitFly 2. When this was discovered, no antivirus software was picking up on it – despite security experts estimating that it had been around for 5-10 years.

The mystery deepens further when considering that the mode of infection hasn’t yet been discovered either. Without knowing whether it takes advantage of a flaw in MacOS’s code, is installed via social engineering, or there’s some other way, it’s impossible to determine whether or not computers are still at risk. Apple, meanwhile, has stayed defiantly tight-lipped on the issue, which makes the detection process that much more difficult for cyber security experts.

Challenging the belief that Macs are virus free

All this ambiguity also makes it difficult to know how many devices may have been infected. Even though people now know about FruitFly, antivirus software still has limited visibility of it.

The fact that FruitFly has been discovered isn’t the biggest issue at play here. Instead, it’s more the cultural belief that Macs are virus free, especially when compared to Windows devices. This discovery shows that malware can still get through and, furthermore, quietly lie undetected for years – if not decades.