true77
Mac users should be cautious of a new malware known as Cuckoo, which has been discovered hiding amongst third-party apps. This malware is capable of stealing sensitive data from Mac devices, including hardware information, notes, saved passwords, and even capturing screenshots while the computer is in use. The discovery of Cuckoo was reported by Kandji, an Apple device security company, shedding light on the alarming details surrounding this threat.
## Where Cuckoo was found hiding
Initially, Cuckoo was found packaged with a Spotify music downloader app called “DumpMedia Spotify Music.” Further investigation revealed that Cuckoo was also present in other third-party music downloader apps and iPhone/Android backup software distributed by various websites. The report emphasizes the deceptive installation process of the DumpMedia Spotify Music app, which directs users to right-click and choose “Open,” allowing the malware to gather information from the host device without the user’s knowledge.
## What does Cuckoo steal?
Once installed, Cuckoo begins gathering hardware details, information about installed apps, and processes running on the Mac. This malware can extract data from Apple Notes, messaging apps like Discord and Telegram, Safari web-browsing history, cookies, and sensitive information stored in iCloud Keychain. Additionally, Cuckoo can capture real-time data by taking screenshots discreetly. It is capable of targeting both older Intel-based Macs and newer Silicon Macs. Most of the apps containing Cuckoo malware were registered to specific developer IDs, but Kandji warns that there may be other undiscovered sources hosting this threat.
Mac users are advised to exercise caution when downloading apps from unknown third-party developers to mitigate the risk of falling victim to malware attacks.
