Ohio man spied on porn users after infecting 1,000s of computers with ‘Fruitfly’ malware
A computer programmer from Ohio has been charged in a 16-count indictment with creating the “Fruitfly” malware and installing it on unwitting victims’ computers with the alleged intent of spying and creating child porn.
Computer programmer Phillip R Durachinsky, 28, of North Royalton, Ohio, has been charged with violations of the Computer Fraud and Abuse Act and the Wiretap Act, and with the production of child pornography and aggravated identity theft, according to an indictment released Wednesday from the US District Court for the Northern District of Ohio Eastern Division.
Durachinsky allegedly first created the malware, which later became known as “Fruitfly,” in order to control computers by uploading files, accessing stored data, taking and downloading screenshots, logging user’s keystrokes and turning on the user’s camera and microphone to secretly record images and audio.
Durachinsky is accused of orchestrating the scheme to gain access to thousands of protected computers owned by individuals, companies, schools, a police department and the government, including one owned by a subsidiary of the US Department of Energy, between 2003 and January 20, 2017.
The indictment alleges that Durachinsky watched, listened and obtained personal data from the computers of unknowing victims using the malware he created and intercepted oral communications, which took place in the room where the infected computer was located.
He also allegedly produced child pornography with the material obtained.
According to the indictment, the Fruitfly malware alerted Durachinsky if a user typed words associated with pornography. He allegedly saved millions of images and often kept detailed notes of what he witnessed.
The computer programmer allegedly used the malware to steal the personal data of victims, including their tax records, logon credentials, medical records, photographs, banking records, internet searches and potentially embarrassing communications.
Durachinsky also purportedly used stolen login credentials to access and download information from third-party websites.
Acting US Assistant Attorney General John Cronan commented on the case.
“For more than 13 years, Phillip Durachinsky allegedly infected with malware the computers of thousands of Americans and stole their most personal data and communications,” he said, according to a press release sent out by the US Department of Justice. “This case is an example of the Justice Department’s continued efforts to hold accountable cybercriminals who invade the privacy of others and exploit technology for their own ends.”
The Fruitfly malware created by Durachinsky was first discovered in January 2017. It initially sparked attention because, among other reasons, it could get into Apple computers, according to a blog post by Malewarebytes Labs.
Durachinsky is alleged to have started his hacking activities when he was a teenager in 2003, The Plain Dealer reports.
Acting Assistant Attorney General John P. Cronan of the US Department of Justice Criminal Division, First Assistant US Attorney David A. Sierleja for the Northern District of Ohio and Special Agent in Charge Stephen D. Anthony of the Federal Bureau of Investigation's Cleveland Field Office, announced the indictment, according to the DOJ press release.