Cuckoo Malware Targets Mac Security, Increases Malware Attacks

12 Jun 2024

The ‘Cuckoo’ malware, as it’s been named by the security provider Kandji, is a new type of malware that meticulously searches for files linked to specific applications on your Mac or MacBook to extract as much data as possible. It is designed to gather a wide array of information about your system, including hardware details, active processes, installed applications, and more.

Additionally, Cuckoo can capture screenshots and access data from various sources, such as sensitive iCloud Keychains, Apple Notes, web browsers, cryptocurrency wallets, and popular apps like Discord, Telegram, and Steam.

How does it work?

Cuckoo is distributed via malicious websites that promote a supposed tool for ripping music from streaming services and converting it into MP3 files. This tool is offered in free and paid versions, tempting users to download and install it. Once installed, the malware relies on annoying and persistent pop-ups using a LaunchAgent, a method used in other malware campaigns like XLoader.

Who is behind Cuckoo?

No threat actor has taken responsibility for the malware campaign. Still, it’s worth noting that Cuckoo refuses to operate if the device is located in certain countries (like Kazakhstan, Russia, Belarus, Ukraine, and Armenia), which could mean it’s coming from a group in one of these countries or operating out of this region as a whole.

The Hacker News also reported the researchers as saying that “each malicious application contains another application bundle within the resource directory.” Translation: A bunch of bad is found wrapped inside another wad of bad stuff.
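The two traits described above, an application bundle tucked inside another bundle's resource directory and a LaunchAgent, can both be checked for on your own Mac. The following Python script is an added example, not code from Kandji, The Hacker News or this article. It assumes the default macOS locations `/Applications` and `~/Library/LaunchAgents`, its function names are hypothetical, and because some legitimate apps also ship helper bundles, its output is a list of things to look at, not a verdict.

```python
import plistlib
from pathlib import Path

def nested_app_bundles(apps_dir):
    """(outer bundle, inner path) for every .app found under another
    bundle's Contents/Resources directory."""
    hits = []
    for outer in sorted(Path(apps_dir).glob("*.app")):
        resources = outer / "Contents" / "Resources"
        if not resources.is_dir():
            continue
        for inner in sorted(resources.rglob("*.app")):
            if inner.is_dir():
                hits.append((outer.name, inner.relative_to(outer).as_posix()))
    return hits

def launch_agent_targets(agents_dir):
    """Map each LaunchAgent plist name to the executable it starts,
    or None when the plist cannot be parsed or names no program."""
    targets = {}
    for plist in sorted(Path(agents_dir).glob("*.plist")):
        try:
            with plist.open("rb") as fh:
                job = plistlib.load(fh)
        except Exception:  # malformed XML/binary plist: review by hand
            job = None
        if not isinstance(job, dict):
            targets[plist.name] = None
            continue
        args = job.get("ProgramArguments") or []
        targets[plist.name] = job.get("Program") or (args[0] if args else None)
    return targets

def agents_to_review(targets):
    """Agents with no readable target, or whose target sits in a bundle
    nested inside another bundle (two or more .app path components).
    The nesting rule is an assumption made for this example."""
    flagged = []
    for name, target in targets.items():
        depth = sum(p.endswith(".app") for p in Path(target or "").parts)
        if target is None or depth >= 2:
            flagged.append(name)
    return sorted(flagged)

if __name__ == "__main__":
    # Default macOS locations; run as the logged-in user.
    for outer, inner in nested_app_bundles("/Applications"):
        print(f"nested bundle: {outer} -> {inner}")
    agents = launch_agent_targets(Path.home() / "Library" / "LaunchAgents")
    for name in agents_to_review(agents):
        print(f"review agent: {name} -> {agents[name]}")
```

For anything it lists, check who signed the bundle and whether you remember installing it before deciding what to do.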

How to keep yourself safe from malware attacks

So, how do you keep yourself safe from this malware attack and other threats targeting devices running macOS? After all, these threats can be sophisticated and sneaky, making them hard to recognize even when they’re right in front of you. Not to worry, that’s why I’m here. They don’t call me the CyberGuy for nothing. I’ve got you covered. Here are 9 steps to enhance your cybersecurity and safeguard your digital life:

  1. Use good antivirus software: Install and maintain reliable antivirus protection tailored for macOS. The best way to protect yourself from clicking malicious links that install malware that may get access to your private information is to have antivirus protection installed on all your devices. This can also alert you to any phishing emails or ransomware scams. Ensure it is set to update automatically and run regular scans. My top pick is TotalAV, and you can get a limited-time deal for CyberGuy readers: your first year (85% off) for the TotalAV Antivirus Pro package. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices.
  2. Don’t get software from strangers: Always download software from reputable and official sources. Avoid downloading applications from third-party websites or links found in unsolicited emails and messages.
  3. Check the software maker’s credentials: Before installing any software, check the developer’s credentials and read reviews to ensure their legitimacy. This is particularly important for software that handles sensitive information.
  4. Stay fresh. Perform regular updates: Keep your macOS and all installed applications up to date. Software updates often include patches for security vulnerabilities that malware could exploit.
  5. Enable firewall: Use macOS’s built-in firewall or a third-party firewall to monitor incoming and outgoing connections. Turning it on can make you safer by blocking unauthorized access.

By following these steps, you can fortify your defenses against Cuckoo malware and other malicious threats targeting Mac security. Stay vigilant and proactive in safeguarding your digital life.

Update: 12 Jun 2024