New Cuckoo Malware Is Targeting Mac Users: Here's How to Spot It!

Although Mac users are less likely to encounter viruses than Windows users, hackers still find ways to introduce viruses to wreak havoc on macOS. One of them is the Cuckoo virus, which - despite its harmless-sounding name - can steal a lot of your data. So what is the Cuckoo virus and how can you avoid it on your Mac?

What is Cuckoo?

According to a report by security research firm Kandji, Cuckoo is a virus that affects both Intel and ARM-based Macs. Although Cuckoo's attack method is currently unknown, the leading suspect at the time of writing is free download websites.

Once Cuckoo accesses a Mac, it begins monitoring the PC, extracting personal and sensitive data. Cuckoo has been around for a while, cybersecurity company SentinelOne noticed that hackers were deploying the malware more than usual.

How does cuckoo spread?

Currently, researchers believe that Cuckoo is spread through malicious websites. However, they also found that malware is often hosted on websites that provide video to MP3 conversion tools.

These websites often provide applications to copy videos from sites like YouTube and download them as MP3 files, some websites offer free and paid versions of the applications they offer. However, regardless of whether the application does the required job or not, it will inject Cuckoo into the user's system.

What will Cuckoo do after appearing on the system?

When Cuckoo is present on the system, it will try its best to stay hidden and undetected. It then scans the computer for personal and sensitive information and sends it back to the original malware developer.

As The Hacker News said:

It is equipped to run a series of commands to extract hardware information, capture currently running processes, query installed applications, take screenshots and collect data from iCloud Keychain, Apple Notes , web browsers, cryptocurrency wallets, applications like Discord, FileZilla, Steam, and Telegram.

Additionally, Cuckoo has a nasty trick up its sleeve: It uses Osascript to display a fake system password input box. As expected, if a user enters a password there, malware can use that password to grant admin rights on the device and access even more data.

How to avoid being infected with Cuckoo malware?

Cuckoo is a nasty malware, capable of leaking all personal information to malicious third parties. Luckily, there are ways to avoid being infected by Cuckoo.

First, be careful about installing apps from online sources. If you want an app to do a specific job, it's best to search forums like Reddit to see what people there recommend. If you search for your desired app on Google, you'll likely get something that contains malware.

Even if you're looking for a legitimate app, make sure you know what you're clicking on. Fraudsters can boost malicious copies of legitimate websites to high rankings on Google to trick people into downloading infected apps. If in doubt about a URL, check out sites that allow you to check if a link is safe before downloading anything.

Finally, it is recommended to use an antivirus application to stay safe and avoid downloading something malicious. Luckily, you don't need to pay a penny to protect your computer; Just try one of these free antivirus apps for Mac.

Although Cuckoo sounds scary on paper, it's easy to stay safe from it. Be careful what you download, install a good antivirus and everything will be fine.