Man Charged With Using ‘Fruitfly’ Malware To Spy On Thousands

January 11, 2018, 2:47 PM UTC

A hacker in Ohio who secretly stole personal information from thousands of people for over a decade and controlled their devices from afar was charged Wednesday with fraud, identity theft and violations of the federal Wiretap Act.

28-year-old Phillip Durachinsky was charged in a federal indictment after installing malware called Fruitfly starting in 2003 — when he would have been 15 years old — to collect passwords, tax records, medical documents, Google searches, private offline communications, photographs and bank statements, the Justice Department announced.

“For more than 13 years, Phillip Durachinsky allegedly infected with malware the computers of thousands of Americans and stole their most personal data and communications,” Acting Assistant Attorney General John P. Cronan said in a statement.

The Fruitfly malware allowed Durachinsky to use computer cameras and microphones to record images and audio, upload files to other people’s computers, take and download screenshots, log keystrokes and access his victims’ data. He used the malware to learn passwords to other websites and download further private information from those platforms.

The Fruitfly malware was used to infect Mac and Windows operating systems.

Durachinsky targeted computers that were used by individuals but owned by their employers, schools and even a police department. He had a complex control panel at his home in Ohio where he could observe live images and data from multiple infected computers at once.

He took detailed notes about what he saw through his spying and kept millions of the images he gained access to through Fruitfly. The malware would notify Durachinsky if his victims typed words associated with pornography on their computers, and the hacker is alleged to have collected child pornography through the virus.

“Durachinsky is alleged to have utilized his sophisticated cyber skills with ill intent, compromising numerous systems and individual computers,” FBI Special Agent in Charge Stephen D. Anthony said in a statement.

Durachinsky was identified as the hacker behind the Fruitfly virus after the malware infected more than 100 computers at Case Western Reserve University.

He was arrested about a year ago, but it took investigators several months to gather the information needed for the 16-count federal indictment filed Wednesday.

The Ohio hacker faces up to 20 years in prison.