“New Mac Malware ‘Cuckoo’ Steals Your Data: What You Need to Know”
Reported by Bodheet Bhardwaj
Security experts are raising alarm bells about a new Mac malware called “Cuckoo” that poses a serious threat to users’ sensitive information. This malicious software not only steals your data but also captures screenshots of your desktop, affecting both Intel and Apple Silicon-based Macs.
Discovered by cybersecurity researchers at Kandji, Cuckoo operates as both infostealer malware and spyware. It was initially found disguised as a program called “DumpMedia Spotify Music Converter” on websites like dumpmedia, tunesolo, fonedog, tunesfun, and funefab—platforms notorious for distributing illegal downloads of music from streaming services like Spotify.
What makes Cuckoo particularly dangerous is its deceptive installation process. Users are prompted to right-click on the downloaded file and click ‘Open,’ bypassing standard macOS security measures. This allows the malware to gain unauthorized access to your system.
Once installed, Cuckoo employs various tactics to compromise your data. It tricks users into entering their system password through a fake prompt, granting it elevated privileges. With this access, the malware can gather information from installed applications, including web browsers, crypto wallets, messaging apps like Telegram and Discord, and even Apple Notes.
Moreover, Cuckoo utilizes a technique called LaunchAgent, ensuring its persistence on the infected system even after a reboot.
To safeguard against Cuckoo and similar threats, users should exercise caution when downloading software from untrusted sources, especially those offering pirated content. Additionally, refrain from running programs without a developer ID unless obtained from a reputable source.
By staying vigilant and adhering to these precautions, users can better protect themselves from falling victim to Cuckoo and other malicious software targeting Mac systems.