I retired from Case Western Reserve University a little over two years ago. About a year after I left I got a phone call at home from the head of the computer’s security division, whom I know pretty well, to tell me that they were investigating the activities of a former student at the university who had infiltrated the computers of quite a few people. The investigators had determined that my work computer was one of those hacked.
He asked me if I had noticed anything strange (I hadn’t), whether I keep my virus protection software updated (I do), whether I use easy-to-guess passwords (I don’t), or use the same ones at multiple sites (I don’t). What was strange was why my computer had been hacked since the perpetrator had not been a student of mine seeking to change his grades or something. As far as they could tell, he had not actually done anything.
The security head could not, of course, tell me the name of the person who had done this because they were still investigating, but just recently news broke of his arrest, and he seems pretty creepy.
Awkward and eccentric, that’s how friends and former classmates of Phillip Durachinsky described the man they once knew.
Nowadays, he’s known as a cyber-creep and federal prosecutors want him locked up for more than a decade. The North Royalton native has already spent a year behind bars, charged with spreading voyeuristic malware to thousands of computers and using it to spy on unsuspecting men, women and children.
The FBI says Durachinsky, 28, conducted illicit cyber activities for 14 years. How he put his technical capabilities to work is shocking – essentially spying on unwitting victims, sometimes watching and listening while the victims were at their most vulnerable.
Once downloaded, the malware – which cybersecurity analysts named “FruitFly” – allowed him to take over while the user had no idea what was going on. While sitting behind a “control panel,” Durachinsky could perform a variety of tasks, from virtually rifling through and stealing a person’s files to logging what a person typed on a keyboard, according to the FBI.
If that weren’t disturbing enough, FruitFly also allowed Durachinsky to turn on a computer’s microphone and camera and make audio and visual recordings, charging documents state.
Those interviewed for this story said the malware is likely dormant, as the control panel and person responsible for directing its functions are offline.
There was one more thing that stuck out to cybersecurity analysts about Durachinsky’s case. Many hackers these days try to use their malware to make or steal money. While Durachinsky is accused of stealing incredibly personal information in a creepy way, there was no indication he was going to use the information for monetary gain.
Reed, like other analysts, has concluded that Durachinsky is more of a digital collector, developing “spyware at its worst,” he said.
“As Patrick Wardle called it, this was more ‘creepy’ malware,” Reed said.
I am still not sure why my computer was one of those he chose to hack, other than the fact that Durachinsky majored in physics, graduating in 2012.
Ever since Edward Snowden’s revelations, I have been aware of the fact that computers and phones can be turned into eavesdropping devices and try to practice ‘safe computing’. Like many people, I have something to cover the camera lens on my computer when I do not need to use it, though I don’t know how to block the microphone. I generally use technology with the assumption that anything I do with it could be captured and made public at any time.
But even with all that, it is kind of creepy to be the target of some kind of voyeur. One can imagine how much worse that feeling must be for famous people who are targeted by large numbers of such people.
Pierce R. Butler says
Others have told me that plugging an external microphone into a computer’s audio-in port, then cutting the wire between plug and mike, will nullify potential sound exfiltration.
As I live alone and don’t talk to myself much, I haven’t tried or tested this personally.
What PRB said.
The workaround mentioned in #1&2 may work on older PCs with sound cards, but isn’t guaranteed on newer machines: the audio ins and outs are often under software control. It used to be a physical connection inside the jack socket, but these days it’s as likely that the contact within the jack socket merely signals to the integrated audio circuits to use a different in or different out. There is no reason why malware can’t override the contact within the jack socket, and use the internal microphone regardless.
PCs with onboard microphones are not a thing, something always needs plugging in. Meaning unplugging a headset or microphone is quite effective.
Laptops though… they have issues.
One additional possibility is to check if you can disable the microphone in the BIOS -- not as safe as physically disabling it, but much easier to do.
A bigger issue is smartphones -- you’re not very likely to disable that micro, and it’s more likely to pick up important stuff because people tend to carry them the whole time.
Why would the Feds want to put him in prison? He sounds like a natural for the NSA?
Durachinsky sounds like a Russian name! It’s another Russian cyberattack!
I think I may be getting a bit cynical.