Set as Homepage - Add to Favorites

【About】

Source:Unobstructed Information Network Editor:Entertainment Time:2025-06-26 13:09:19

Mac users,About beware. There's a new malware hiding amongst third-party apps that can steal your sensitive data. Everything from your Mac's hardware information, your notes, and saved passwords can be stolen. It can even capture screenshots of your computer while you use it.

This malware has been named Cuckoo by Kandji, an Apple device security company which recently published a report about its discovery. Here are some of the most alarming details about Cuckoo.

Where Cuckoo was found hiding

According to Kandji's report, Cuckoo was initially found packaged with a Spotify music downloader app called "DumpMedia Spotify Music." The app claims to help users rip music off of Spotify so they can directly download the audio file as an MP3.

You May Also Like

Upon further investigation, however, Cuckoo was discovered with a number of other third-party music downloader apps and iPhone/Android backup software distributed by websites such as "tunesolo[.]com, fonedog[.]com, tunesfun[.]com, tunefab[.]com."

The report focuses on the DumpMedia Spotify Music app, which is where Cuckoo was initially discovered — and lays out some interesting details. For example, after downloading most legitimate Mac apps distributed outside of Apple's official App Store, a user is usually asked to drag the app from the .DMG file to the computer's Applications folder. However, in the case of the DumpMedia Spotify Music, the user is directed to right-click the app and choose "Open." 

From there, the malware starts gathering information from the host device. The Mac user who initiated the download would be none the wiser, however, as Kandji's report notes that the DumpMedia Spotify Music proceeds to install and open in order to obscure the malware.

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!

What does Cuckoo steal?

Once the user installs the DumpMedia Spotify Music app, Cuckoo gets right to work.

According to Kandji, Cuckoo gathers hardware details about the Mac, along with information about installed apps and processes that are currently running on the computer.

Cuckoo can steal a substantial amount of user information from the Mac, too. It pulls data from Apple Notes and messaging apps, including Discord and Telegram.

It can collect Safari web-browsing history and cookies, as well as sensitive data stored in iCloud Keychain. Cuckoo can also grab real-time data, as it can take screenshots without the user being aware that their current screen is being recorded.

Kandji says that the malware can target the older Intel-based Macs as well as the new Silicon Macs (M1, M2, M3, etc.).

All of the apps, but one, that were discovered to contain Cuckoo malware were registered to a "valid Developer ID of Yian Technology Shenzhen Co., Ltd." Fonedog's developer ID was tied to a developer ID of FoneDog Technology Limited. Kandji believes there are other websites and applications out there hosting the Cuckoo malware that have still yet to be discovered.

Mac users should proceed with caution when downloading any apps from unknown, third-party developers.

Topics Apple Cybersecurity

Previous:Hidden Siri Commands and Unusual Responses

Next:10 Tech Predictions for 2017

Related Articles
Related Recommendations
Categories
Latest Articles
Popular Articles
Hot Recommendations
Featured Column

Quick Links

Arsenal vs. Monaco 2024 livestream: Watch Champions League for freeMozilla Firefox removes ‘Do Not Track’ settingHow to unblock porn for freeYouTube TV is getting a big price hike in JanuaryWhy is ChatGPT's Santa Mode only for ages 13 and up?NYT mini crossword answers for December 13Get 50% off gaming headsets at Best BuyStanley cup recall 2024: These mugs are being recalled for burning consumersIndiana Pacers vs. Philadelphia 76ers 2024 livestream: Watch NBA onlineBest Etsy deal: Take $5 off any purchase of $30 or more with code LASTCHANCE24'Split Fiction' handsHoliday savings on Apple at Target: Get $100 offBest tablet deal: Get $200 off the Samsung Galaxy Tab S9 FE+ at SamsungBest free online courses from Harvard UniversityNYT Connections Sports Edition hints and answers for December 12: Tips to solve Connections #80NYT Connections Sports Edition hints and answers for December 12: Tips to solve Connections #80Best free online courses from Harvard University'Astro Bot' (PS5): Get it for $49.99 at Best BuyChatGPT with Siri integration is now live for iPhone, iPad, and MacSpotify Premium: Get three months free How to Leave Your Lover with Lemons by Chantel Tattoli The Other Billy Collins by Anthony Madrid Harry Mathews’s Drifts and Returns by Daniel Levin Becker Pendulum by Jill Talbot Sleep and the Dream by László F. Földényi Whiting Awards 2020: Jake Skeets, Poetry Announcing Our New Publisher, Mona Simpson by The Paris Review Never Childhood to a Child by Peter Orner Staff Picks: Cinema, Sebald, and Small Surprises by The Paris Review Redux: I Struggle to Stay inside Sleep by The Paris Review Krazy Kat Gets the Spanish Flu by George Herriman Emily Dickinson’s White Dress by Martha Ackmann Staff Picks: Gossip, Ghosts, and Growth by The Paris Review Less Is More by Kyle Chayka Staff Picks: Long Walks, Little Gods, and Lispector by The Paris Review Witchcraft and Brattiness: An Interview with Amina Cain by Martin Riker ‘The Paris Review’ Wins the 2020 National Magazine Award for Fiction The Rooms by Jill Talbot On Minor Feelings by Cathy Park Hong Redux: The Folded

2.6806s , 10132.5390625 kb

Copyright © 2025 Powered by 【About】,Unobstructed Information Network  

Sitemap

Top

Quick Links