Mac and MacBook hit with 'Cuckoo' malware stealing sensitive data


Apple’s macOS is making headlines once again for a new type of malware attack stealing files from its target’s computer. 

These files can hold sensitive information, which can then be used to commit further crimes once the perpetrator gets access to them.

If you own an Apple device running macOS on an Intel or ARM silicon chip, here’s what you need to know.

CLICK TO GET KURT’S FREE CYBERGUY NEWSLETTER WITH SECURITY ALERTS, QUICK VIDEO TIPS, TECH REVIEWS AND EASY HOW-TO’S TO MAKE YOU SMARTER

mac laptop

What we know about the ‘Cuckoo’ malware

The ‘Cuckoo’ malware, as it’s been named by the security provider Kandji, is a new type of malware that meticulously searches for files linked to specific applications on your Mac or MacBook to extract as much data as possible. It is designed to gather a wide array of information, including hardware details, active processes, applications, and more installed on your system.

Additionally, Cuckoo can capture screenshots and access data from various sources, such as sensitive iCloud Keychains, Apple Notes, web browsers and popular communication apps like Discord, Telegram, Steam, and cryptocurrency wallets.

hacker on a laptop

A hacker using a Mac. (Kurt “CyberGuy” Knutsson)

MORE: TWO NEW STEALTH MALWARE THREATS ARE TARGETING THOSE OF YOU WHO USE MACS

How does it work?

Cuckoo is distributed via malicious websites that promote a supposed tool for ripping music from streaming services and converting these into .MP3 files. This tool is offered in free and paid versions, tempting users to download and install it. Once installed, the malware relies on annoying and persistent pop-ups using LaunchAgent, a method used in other malware campaigns like XLoader.

Who is behind Cuckoo?

No one threat actor has taken responsibility for the malware campaign. Still, it’s worth noting that Cuckoo refuses to operate if the device is located in certain countries — like Kazakhstan, Russia, Belarus, Ukraine and Armenia — which could mean it’s coming from a group in one of these countries or operating out of this region as a whole.

However, The Hacker News reported that “each malicious application contains another application bundle within the resource directory,” the researchers said. Translation: A bunch of bad stuff is found wrapped inside another wad of bad stuff.

HOW TO UNLOCK SPECIAL FEATURES ON YOUR IPHONE TO IMPROVE VOICE SEARCH

PERSON typing on MAC

A person using a Mac. (Kurt “CyberGuy” Knutsson)

MORE: BEWARE OF ENCRYPTED PDFS AS THE LATEST TRICK TO DELIVER MALWARE TO YOU

How to keep yourself safe from malware attacks

So, how do you keep yourself safe from this malware attack and other threats targeting our technology running macOS? After all, they can be sophisticated and sneaky, making it hard to recognize even when it’s right in front of you. Not to worry, that’s why I’m here. They don’t call me the CyberGuy for nothing. I’ve got you covered. Here are 9 steps to enhance your cybersecurity and safeguard your digital life:

1. Use good antivirus software: Install and maintain reliable antivirus protection tailored for macOS. The best way to protect yourself from clicking malicious links that install malware that may get access to your private information is to have antivirus protection installed on all your devices. This can also alert you of any phishing emails or ransomware scams. Ensure it is set to update automatically and run regular scans. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices.

2. Don’t get software from strangers: Always download software from reputable and official sources. Avoid downloading applications from third-party websites or links found in unsolicited emails and messages.

3. Check the software maker’s credentials: Before installing any software, check the developer’s credentials and read reviews to ensure their legitimacy. This is particularly important for software that handles sensitive information.

4. Stay fresh. Perform regular updates: Keep your macOS and all installed applications up to date. Software updates often include patches for security vulnerabilities that malware could exploit.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

5. Enable firewall: Use macOS’ built-in firewall or a third-party firewall to monitor incoming and outgoing connections. Turning it on can make you safer by helping detect and block malicious activity.

6. Be wary of strange requests: Be cautious about unsolicited requests to access your computer or install software, especially those from pop-ups or unfamiliar emails. The rule I live by is that if you did not ask for it, then never engage or reply. This makes it harder for a criminal hacker to gain access to your life.

7. Use strong passwords and 2FA: Enable two-factor authentication to enhance overall security.

8. Backup your data: Regularly back up important data to an external drive and/or a cloud-based service. This helps ensure that you can recover your data in case of a malware attack. It may also be a good idea to keep any sensitive files on your hard drive as well, to make it harder for the hacker to get their hands on your precious data. I routinely plug in a portable USB drive to my computer, back it important files, photos and records, unplug it and stash in a safe spot at home.

9. Create strong passwords: Use unique passwords for different accounts and consider using a password manager to keep track of them. Who can remember a litany of complicated passwords?  That’s why password managers are so effective at helping you store and retrieve passwords.

MORE: HOW CRYPTO IMPOSTERS ARE USING CALENDLY TO INFECT MACS WITH MALWARE

Kurt’s key takeaways

As I’ve mentioned before, one of the selling points of Mac computers is that people tend to believe they are less vulnerable to cyberattacks than Windows PC. But this is clearly not the case, and Mac owners need to be aware of what lies out there in order to stay safe, not just from this particular threat but any new ones that come out faster than they can be patched.

CLICK HERE TO GET THE FOX NEWS APP

With the rise of more cyberattacks aimed at Mac and MacBook, have you added protection to help keep out the bad guys? Or worse, has one infected you yet? Let me know by writing us at Cyberguy.com/Contact

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

Ask Kurt a question or let us know what stories you’d like us to cover.

Answers to the most asked CyberGuy questions:

Copyright 2024 CyberGuy.com. All rights reserved.



Source link

About The Author

Scroll to Top