The web is teeming with spyware posing as legitimate, valuable applications.
Table Of Contents
Whats Cuckoo Spywares Disguise?
Cuckoo disguises itself as a Mach-o binary, an executable format designed for Apple systems.
Kandji researchers started with a file namedDumpMediaSpotifyMusicConverter, also called upd uploaded to Virus Total.
It tracks and records the data from iCloud Keychain, Apple Notes, web browsers, and crypto wallets.
Even apps like Discord, FileZilla, Steam, and Telegram are its target.
Kandji researchers note that the spyware mutes the system sound to capture screenshots.
It also launches the app to cover its tracks and act like nothing happened.
App bundles on Fonedog have a different ID: FoneDog Technology Limited (CUAU2GTG98).
The malicious binary didnt run becauseGatekeeperblocked it.
After granting manual permission, the app checked for the locale to determine the users country.
Avoid downloading apps from untrustworthy sites toprotect your Macfrom spyware like Cuckoo.
source: www.techworm.net
