Mac and MacBook hit with ‘Cuckoo’ malware stealing sensitive information

Apple’s macOS is making headlines once again for a new type of malware attack that steals files from its target’s computer. These files can hold sensitive information, which can then be used to commit further crimes once the perpetrator gets access to them. If you own an Apple device running macOS on an Intel or ARM-based Apple silicon chip, here’s what you need to know.


What we know about the ‘Cuckoo’ malware

The ‘Cuckoo’ malware, as it’s been named by the security provider Kandji, is a new type of malware that meticulously searches for files linked to specific applications on your Mac or MacBook to extract as much data as possible. It is designed to gather a wide array of information about your system, including hardware details, active processes, installed applications, and more.

Additionally, Cuckoo can capture screenshots and access data from various sources, such as sensitive iCloud Keychains, Apple Notes, web browsers, and popular apps like Discord, Telegram, and Steam, as well as cryptocurrency wallets.

 


How does it work?

Cuckoo is distributed via malicious websites that promote a supposed tool for ripping music from streaming services and converting it into .MP3 files. This tool is offered in free and paid versions, tempting users to download and install it. Once installed, the malware relies on annoying pop-ups and stays persistent on the system using a LaunchAgent, a method used in other malware campaigns like XLoader.


Who is behind Cuckoo?

No threat actor has taken responsibility for the malware campaign. Still, it’s worth noting that Cuckoo refuses to operate if the device is located in certain countries, like Kazakhstan, Russia, Belarus, Ukraine, and Armenia, which could mean it’s coming from a group in one of these countries or operating out of this region as a whole.

The Hacker News also reported the researchers as saying that “each malicious application contains another application bundle within the resource directory.” Translation: A bunch of bad is found wrapped inside another wad of bad stuff.
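As an added illustration (not code from this article or from Kandji's research), the Python sketch below checks for the two behaviors described above: an app bundle that carries another bundle in its resource directory, and LaunchAgent entries that start programs from unusual places. The sample files, all names, and the `needs_review` rule are constructed assumptions for the demo, not Cuckoo indicators.

```python
import plistlib
import tempfile
from pathlib import Path

def nested_app_bundles(app: Path) -> list[str]:
    """Names of .app bundles sitting inside another bundle's Contents/Resources."""
    resources = app / "Contents" / "Resources"
    return sorted(p.name for p in resources.rglob("*.app") if p.is_dir())

def launch_agent_programs(agents_dir: Path) -> dict[str, str]:
    """Map each LaunchAgent plist file name to the program it launches."""
    programs = {}
    for plist in sorted(agents_dir.glob("*.plist")):
        try:
            job = plistlib.loads(plist.read_bytes())
            args = job.get("ProgramArguments") or [""]
            programs[plist.name] = job.get("Program") or args[0]
        except Exception:  # malformed plist: report it rather than skip it
            programs[plist.name] = "<unreadable>"
    return programs

def needs_review(program: str) -> bool:
    """Assumed triage heuristic (not a Cuckoo indicator): hidden or temp paths."""
    return (program == "<unreadable>"
            or any(part.startswith(".") for part in Path(program).parts)
            or program.startswith(("/tmp/", "/private/tmp/", "/Users/Shared/")))

def build_sample(root: Path) -> tuple[Path, Path]:
    """Create a constructed app bundle and LaunchAgents folder for the demo."""
    app = root / "Converter.app"
    (app / "Contents/Resources/helper.app/Contents/MacOS").mkdir(parents=True)
    agents = root / "LaunchAgents"
    agents.mkdir()
    jobs = {"com.example.updater.plist": "/Applications/Example.app/Contents/MacOS/updater",
            "com.example.helper.plist": "/Users/alice/.cache/helper"}
    for name, program in jobs.items():
        (agents / name).write_bytes(
            plistlib.dumps({"Label": name[:-6], "ProgramArguments": [program]}))
    (agents / "broken.plist").write_bytes(b"not a plist")
    return app, agents

def demo() -> tuple[list[str], list[str]]:
    with tempfile.TemporaryDirectory() as tmp:
        app, agents = build_sample(Path(tmp))
        flagged = [n for n, p in launch_agent_programs(agents).items() if needs_review(p)]
        return nested_app_bundles(app), flagged

if __name__ == "__main__":
    print(demo())
```

On a real Mac, the same functions can be pointed at a downloaded app and at `~/Library/LaunchAgents`; anything flagged is a prompt for a closer look, not proof of infection.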

 


How to keep yourself safe from malware attacks

So, how do you keep yourself safe from this malware attack and other threats targeting our technology running macOS? After all, they can be sophisticated and sneaky, making them hard to recognize even when they’re right in front of you. Not to worry, that’s why I’m here. They don’t call me the CyberGuy for nothing. I’ve got you covered. Here are 9 steps to enhance your cybersecurity and safeguard your digital life:

1) Use good antivirus software: Install and maintain reliable antivirus protection tailored for macOS. The best way to protect yourself from clicking malicious links that install malware that may get access to your private information is to have antivirus protection installed on all your devices. This can also alert you to any phishing emails or ransomware scams. Ensure it is set to update automatically and run regular scans.

My top pick is TotalAV, and you can get a limited-time deal for CyberGuy readers: $19 your first year (85% off) for the TotalAV Antivirus Pro package.  


2) Don’t get software from strangers: Always download software from reputable and official sources. Avoid downloading applications from third-party websites or links found in unsolicited emails and messages.

3) Check the software maker’s credentials: Before installing any software, check the developer’s credentials and read reviews to ensure their legitimacy. This is particularly important for software that handles sensitive information.

4) Stay fresh. Perform regular updates: Keep your macOS and all installed applications up to date. Software updates often include patches for security vulnerabilities that malware could exploit.

5) Enable firewall: Use macOS’s built-in firewall or a third-party firewall to monitor incoming and outgoing connections. Turning it on can make you safer by helping detect and block malicious activity.

6) Be wary of strange requests: Be cautious about unsolicited requests to access your computer or install software, especially those from pop-ups or unfamiliar emails. The rule I live by is that if you did not ask for it, then never engage or reply.

7) Use strong passwords and 2FA: Enable two-factor authentication to enhance overall security. This makes it harder for a criminal hacker to gain access to your life.

8) Back up your data: Regularly back up important data to an external drive and/or a cloud-based service. This helps ensure that you can recover your data in case of a malware attack. It may also be a good idea to keep any sensitive files on your hard drive as well, to make it harder for the hacker to get their hands on your precious data. I routinely plug in a portable USB drive to my computer, back up important files, photos and records, unplug it, and stash it in a safe spot at home.

9) Create strong passwords: Use unique passwords for different accounts and consider using a password manager to keep track of them. Who can remember a litany of complicated passwords? That’s why password managers are so effective at helping you store and retrieve passwords.

 


Kurt’s key takeaways

As I’ve mentioned before, one of the selling points of Mac computers is that people tend to believe they are less vulnerable to cyberattacks than Windows PCs. But this is clearly not the case, and Mac owners need to be aware of what lies out there in order to stay safe, not just from this particular threat but any new ones that come out faster than they can be patched.

With the rise of more cyber attacks aiming at Mac and MacBook, have you added protection to help keep out the bad guys? Or worse, has one infected you yet?  Let us know in the comments below. 


Copyright 2024 CyberGuy.com.  All rights reserved.  CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.
