
Beware Mac Users: New Malware Stealing Sensitive Data Hidden in Third-Party Apps

New Malware Threatens Mac Users’ Sensitive Data

Mac users need to be on high alert as a new malware called Cuckoo is making its way through third-party apps, posing a significant risk to their sensitive data. Cuckoo has the capability to steal various types of information, including hardware details, saved passwords, notes, and even take screenshots of users’ screens without their knowledge.

The discovery of Cuckoo was made by Kandji, an Apple device security company, which recently published a report detailing its findings. Initially, Cuckoo was found packaged with a Spotify music downloader app called “DumpMedia Spotify Music.” However, upon further investigation, it was discovered that Cuckoo was also hiding in other third-party music downloader apps and iPhone/Android backup software distributed by various websites.

One interesting detail highlighted in the report is the unusual installation process for the DumpMedia Spotify Music app. While most legitimate Mac apps require users to drag the app from the .DMG file to the Applications folder, this particular app instructs users to right-click and choose “Open.” This deviation from the usual installation process allows the malware to go undetected and begin gathering information from the host device.

Once the DumpMedia Spotify Music app is installed, Cuckoo starts its operation. It collects hardware details, information about installed apps, and processes running on the Mac. The malware can also access data from Apple Notes, messaging apps like Discord and Telegram, Safari web-browsing history and cookies, and sensitive information stored in iCloud Keychain. Disturbingly, Cuckoo can capture real-time screenshots without the user’s knowledge.

What makes Cuckoo even more concerning is its ability to target both older Intel-based Macs and newer Apple silicon Macs (M1, M2, M3, and so on). The majority of the apps found to contain Cuckoo malware were registered under a “valid Developer ID of Yian Technology Shenzhen Co., Ltd.” Another developer ID associated with the malware was FoneDog Technology Limited. However, Kandji suspects that there are likely other websites and applications hosting Cuckoo that have yet to be discovered.

To protect themselves, Mac users should exercise caution when downloading apps from unknown, third-party developers. Stick to trusted sources, such as Apple’s official App Store, whenever possible. Employing reputable antivirus software can also add an extra layer of defense against malware threats.
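To see whether any installed app is signed under the two Developer ID names mentioned above, the signing authority of each app bundle can be read with macOS's `codesign` tool. The script below is an added example, not code from Kandji's report; the function names are hypothetical, and it assumes the `Authority=` lines that `codesign -dvv` prints for signed code.

```shell
#!/bin/sh
# Signer names exactly as given in the article, one per line.
FLAGGED_SIGNERS='Yian Technology Shenzhen Co., Ltd.
FoneDog Technology Limited'

# Reads `codesign -dvv` output on stdin and prints one verdict:
#   flagged: <authority>  an Authority line names a flagged signer
#   no-authority          no Authority line at all (unsigned or ad hoc)
#   other                 signed by some other authority
classify_signature() {
    authorities=$(grep '^Authority=' | cut -d= -f2-)
    if [ -z "$authorities" ]; then
        echo "no-authority"
    elif hit=$(printf '%s\n' "$authorities" | grep -F -- "$FLAGGED_SIGNERS"); then
        # grep -F treats the newline-separated names as literal alternatives
        echo "flagged: $hit"
    else
        echo "other"
    fi
}

# Walks the app bundles in a directory and reports every verdict except
# "other", so flagged and unsigned bundles both stand out.
scan_apps() {
    for app in "$1"/*.app; do
        [ -d "$app" ] || continue
        # codesign writes its details to stderr, hence 2>&1
        verdict=$(codesign -dvv "$app" 2>&1 | classify_signature)
        [ "$verdict" = "other" ] || printf '%s\t%s\n' "$verdict" "$app"
    done
}

# Run the scan only where codesign exists (macOS); default to /Applications.
if command -v codesign >/dev/null 2>&1; then
    scan_apps "${1:-/Applications}"
fi
```

A match on the signer name identifies only apps signed under those two names; Kandji expects other, undiscovered hosts, so a clean result is not proof of absence.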

The rise of malware targeting macOS systems highlights the importance of cybersecurity for all users. It serves as a reminder for individuals and organizations to stay vigilant and take necessary precautions to safeguard their data and digital assets. With the ever-evolving landscape of cyber threats, it is crucial to stay informed and implement robust security measures to mitigate risks effectively.
