Recent reports have surfaced about a new Mac malware called Cuckoo that poses a serious threat to both newer Macs running Apple Silicon and older Intel-based Macs. Security researchers at Kandji have identified this malware, which combines features of infostealer malware and spyware.
The malware was discovered in a malicious Mach-O binary named ‘DumpMedia Spotify Music Converter’ on VirusTotal. This binary was found to be distributed through a site called dumpmedia[.]com, known for offering apps that enable users to pirate music from streaming services by converting it into MP3 files.
While the Cuckoo malware is currently being spread through music piracy sites, there is a concern that it could be distributed through other fake apps in the future. This poses a significant threat to Mac users, and it is essential to understand how to protect your device from this malware.
Upon downloading the malicious app, researchers found that it contained an application bundle. Unlike typical macOS apps, which can be installed simply by dragging them into the Applications folder, this one prompts users to right-click the app and run it manually, which bypasses Apple’s Gatekeeper security measures.
Cuckoo uses deceptive tactics, such as displaying fake password prompts, to trick users into entering their system password. If successful, the hackers can escalate the malware’s privileges on the compromised machine, potentially gaining access to sensitive information.
It is crucial for Mac users to stay vigilant and take preventive measures to safeguard their devices from malware threats like Cuckoo. By staying informed and following best security practices, users can reduce the risk of falling victim to malicious attacks.