Cybersecurity researchers have discovered a new information stealer targeting Apple macOS systems that’s designed to set up persistence on the infected hosts and act as a spyware.
Dubbed Cuckoo by Kandji, the malware is a universal Mach-O binary that’s capable of running on both Intel- and Arm-based Macs.
The exact distribution vector is currently unclear, although there are indications that the binary is hosted on sites like dumpmedia[.]com, tunesolo[.]com, fonedog[.]com, tunesfun[.]com, and tunefab[.]com that claim to offer free and paid versions of applications dedicated to ripping music from streaming services and converting it into the MP3 format.