Mac and MacBook hit with 'Cuckoo' malware stealing sensitive data

Posted by javajolt

What you need to know about this new threat targeting Apple computers running macOS

Apple’s macOS is making headlines once again for a new type of malware attack stealing files from its target's computer.

These files can hold sensitive information, which can then be used to commit further crimes once the perpetrator gets access to them.

If you own an Apple device running macOS on an Intel or ARM silicon chip, here's what you need to know.


What we know about the 'Cuckoo' malware

The 'Cuckoo' malware, as it's been named by the security provider Kandji, is a new type of malware that meticulously searches for files linked to specific applications on your Mac or MacBook to extract as much data as possible. It is designed to gather a wide array of information about your system, including hardware details, active processes, installed applications and more.

Additionally, Cuckoo can capture screenshots and access data from various sources, such as sensitive iCloud Keychains, Apple Notes, web browsers, cryptocurrency wallets and popular apps like Discord, Telegram and Steam.


A hacker using a Mac. (Kurt "CyberGuy" Knutsson)

How does it work?

Cuckoo is distributed via malicious websites that promote a supposed tool for ripping music from streaming services and converting these into .MP3 files. This tool is offered in free and paid versions, tempting users to download and install it. Once installed, the malware relies on annoying and persistent pop-ups using LaunchAgent, a method used in other malware campaigns like XLoader.

Who is behind Cuckoo?

No one threat actor has taken responsibility for the malware campaign. Still, it's worth noting that Cuckoo refuses to operate if the device is located in certain countries — like Kazakhstan, Russia, Belarus, Ukraine and Armenia — which could mean it's coming from a group in one of these countries or operating out of this region as a whole.

However, The Hacker News reported the researchers as saying that "each malicious application contains another application bundle within the resource directory." Translation: A bunch of bad stuff is found wrapped inside another wad of bad stuff.


A person using a Mac. (Kurt "CyberGuy" Knutsson)

How to keep yourself safe from malware attacks

So, how do you keep yourself safe from this malware attack and other threats targeting our technology running macOS? After all, they can be sophisticated and sneaky, making it hard to recognize even when it's right in front of you. Not to worry, that’s why I’m here. They don’t call me the CyberGuy for nothing. I’ve got you covered. Here are 9 steps to enhance your cybersecurity and safeguard your digital life:

1. Use good antivirus software: Install and maintain reliable antivirus protection tailored for macOS. The best way to protect yourself from clicking malicious links that install malware that may get access to your private information is to have antivirus protection installed on all your devices. This can also alert you of any phishing emails or ransomware scams. Ensure it is set to update automatically and run regular scans. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices.

2. Don’t get software from strangers: Always download software from reputable and official sources. Avoid downloading applications from third-party websites or links found in unsolicited emails and messages.

3. Check the software maker’s credentials: Before installing any software, check the developer's credentials and read reviews to ensure their legitimacy. This is particularly important for software that handles sensitive information.

4. Stay fresh. Perform regular updates: Keep your macOS and all installed applications up to date. Software updates often include patches for security vulnerabilities that malware could exploit.

5. Enable firewall: Use macOS’ built-in firewall or a third-party firewall to monitor incoming and outgoing connections. Turning it on can make you safer by helping detect and block malicious activity.

6. Be wary of strange requests: Be cautious about unsolicited requests to access your computer or install software, especially those from pop-ups or unfamiliar emails. The rule I live by is that if you did not ask for it, then never engage or reply. This makes it harder for a criminal hacker to gain access to your life.

7. Use strong passwords and 2FA: Enable two-factor authentication to enhance overall security.

8. Back up your data: Regularly back up important data to an external drive and/or a cloud-based service. This helps ensure that you can recover your data in case of a malware attack. It may also be a good idea to keep any sensitive files on your hard drive as well, to make it harder for the hacker to get their hands on your precious data. I routinely plug in a portable USB drive to my computer, back up important files, photos and records, unplug it and stash it in a safe spot at home.

9. Create strong passwords: Use unique passwords for different accounts and consider using a password manager to keep track of them. Who can remember a litany of complicated passwords? That’s why password managers are so effective at helping you store and retrieve passwords.

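The post mentions two things a Mac owner can actually look at: LaunchAgent entries, and an application bundle tucked inside another app's resource directory. The Python script below is an added example, not part of the original article or of Kandji's research, that lists both for review. The function names and the `TRUSTED_PREFIXES` heuristic are assumptions of this example, and legitimate software also uses LaunchAgents and nested helper apps, so a hit is a prompt to look closer, not a verdict.

```python
import plistlib
import sys
from pathlib import Path

# Assumption of this example: jobs run from these system-managed locations are
# lower priority for review than jobs run from user-writable paths.
TRUSTED_PREFIXES = ("/System/", "/usr/", "/bin/", "/sbin/", "/Applications/", "/Library/")

def agent_program(job: dict) -> str:
    """Executable a launchd job starts: Program, else ProgramArguments[0]."""
    args = job.get("ProgramArguments") or []
    return job.get("Program") or (args[0] if args else "")

def audit_launch_agents(agent_dir: Path) -> list[dict]:
    """Flag agents that auto-start from outside TRUSTED_PREFIXES, or cannot be parsed."""
    findings = []
    for path in sorted(agent_dir.glob("*.plist")):
        try:
            with path.open("rb") as fh:
                job = plistlib.load(fh)
            if not isinstance(job, dict):
                raise ValueError("plist root is not a dictionary")
        except Exception:  # plistlib raises several types on malformed files
            findings.append({"plist": path.name, "reason": "unreadable plist"})
            continue
        program = agent_program(job)
        autostart = bool(job.get("RunAtLoad") or job.get("KeepAlive"))
        if autostart and not program.startswith(TRUSTED_PREFIXES):
            findings.append({"plist": path.name, "label": job.get("Label"),
                             "program": program,
                             "reason": "auto-starts from a user-writable path"})
    return findings

def nested_app_bundles(app: Path) -> list[Path]:
    """Return .app bundles found anywhere under <app>/Contents/Resources."""
    resources = app / "Contents" / "Resources"
    if not resources.is_dir():
        return []
    return sorted(p for p in resources.rglob("*.app") if p.is_dir())

if __name__ == "__main__":
    # Per-user agents live here on macOS; on other systems this prints nothing.
    agents = Path.home() / "Library" / "LaunchAgents"
    for finding in (audit_launch_agents(agents) if agents.is_dir() else []):
        print("launch agent:", finding)
    # Optional arguments: paths to .app bundles to inspect before opening them.
    for arg in sys.argv[1:]:
        for inner in nested_app_bundles(Path(arg)):
            print("nested bundle:", inner)
```

Run it with no arguments to review your own LaunchAgents, or pass the path of a downloaded `.app` to list any bundles nested in its resources.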