According to the latest reports, it looks like new malware is on the loose, and your Mac could be in trouble. Check out the latest details about what’s been going on and how you can avoid such issues.
New macOS malware
Tom’s Guide notes that hackers are using new Mac malware to launch attacks against both newer Macs running Apple Silicon and older Intel-based Macs.
According to a report by The Hacker News, security researchers at Kandji, a device management company, have identified a new malware named Cuckoo.
This malware is capable of targeting both newer and older Macs. What distinguishes Cuckoo from other malware is that it combines the characteristics of both infostealer malware and spyware.
In a blog post, Adam Kohler and Christopher Lopez of Kandji explain that they discovered a previously undetected malicious Mach-O binary named “DumpMedia Spotify Music Converter” on VirusTotal.
They searched for the program online and discovered that it was being distributed through dumpmedia[.]com.
The website offers various applications that allow users to pirate music from streaming services by converting it to MP3 files.
The Cuckoo malware is presently being spread via music piracy websites, but there’s a possibility that the attackers might use other fake applications to distribute it.
It is essential to understand the threat this new Mac malware poses and how you can keep your Mac virus-free. Read on to find out more.
The researchers found an application bundle within the DumpMedia Spotify Music Converter app after downloading it.
This is noteworthy because macOS apps usually only require dragging into the Applications folder. In contrast, this app prompts users to right-click and then open it.
The application found in the bundle was not signed with a developer ID. This means that Apple’s Gatekeeper will attempt to prevent it from running.
However, if the user manually allows it to run on their computer, the malware will proceed with its harmful actions.
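One way to check whether a downloaded app carries a Developer ID signature before opening it is sketched below. It is an added example, not code from Kandji's report, and it goes slightly beyond the article by also distinguishing ad-hoc and fully unsigned code. The function names and sample outputs are constructed for illustration; `check_app` needs the macOS `codesign` tool.

```shell
#!/bin/sh
# Classify the text printed by `codesign -dv --verbose=4 <bundle>` (read on stdin).
# Prints one of: developer-id, adhoc, unsigned, other-signed, unknown.
classify_codesign() {
    out=$(cat)
    case "$out" in
        *"code object is not signed at all"*) echo "unsigned"; return ;;
    esac
    if printf '%s\n' "$out" | grep -q '^Authority=Developer ID Application:'; then
        echo "developer-id"      # leaf certificate is a Developer ID
    elif printf '%s\n' "$out" | grep -q '^Signature=adhoc$'; then
        echo "adhoc"             # self-generated signature, no identity behind it
    elif printf '%s\n' "$out" | grep -q '^Authority='; then
        echo "other-signed"      # e.g. App Store or Apple system signing
    else
        echo "unknown"
    fi
}

# Run codesign on a bundle path (macOS only) and report its status.
# Returns non-zero when no signing identity stands behind the code.
check_app() {
    label=$(codesign -dv --verbose=4 "$1" 2>&1 | classify_codesign)
    printf '%s\t%s\n' "$label" "$1"
    [ "$label" = "developer-id" ] || [ "$label" = "other-signed" ]
}

# Constructed sample outputs (not taken from the real sample in the report).
SAMPLE_ADHOC='Executable=/tmp/Example.app/Contents/MacOS/Example
Identifier=example
CodeDirectory v=20400 size=512 flags=0x2(adhoc) hashes=9+2 location=embedded
Signature=adhoc
TeamIdentifier=not set'

SAMPLE_DEVID='Executable=/Applications/Example.app/Contents/MacOS/Example
Identifier=com.example.app
Authority=Developer ID Application: Example Corp (ABCDE12345)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
TeamIdentifier=ABCDE12345'

# Usage on macOS: sh check_sig.sh ~/Downloads/*.app
if [ "$#" -gt 0 ]; then
    for app in "$@"; do
        check_app "$app" || echo "  -> no Developer ID; Gatekeeper will block this unless overridden"
    done
fi
```

An app that reports `adhoc` or `unsigned` and asks to be opened with a right-click matches the pattern described above.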
Similar to the MacStealer malware, Cuckoo also employs a script that shows a fake password prompt to deceive users into entering their system password.
If the hackers successfully obtain the victim’s system password, they can then escalate the malware’s privileges on the affected device.