Apple used to tout the fact that Macs didn't get viruses, and while Apple definitely has good anti-malware software, their machines are far from impervious to infection. And with Macs more popular than ever, there exists even more potential malware out there, ready to steal your data and ruin your day. The latest can even take screenshots of what's on your Mac's monitor without your knowledge.
Researchers from Kandji have discovered the threat targeting Macs, and it's not great news. Kandji reports this new malware, which they've named "Cuckoo," is a mix between spyware and an infostealer. They discovered it in apps hosted by a site called "DumpMedia," which purported to convert songs on streaming services into MP3s.
When researchers downloaded one of these apps, they noticed the DMG, which allows you to install the app on your Mac, had different installation instructions than most DMGs: Rather than dragging the app to your Applications folder, this DMG instructed users to right click on the app and choose "Open." Unbeknownst to many users, this action bypasses some of the security features that serve as the first lines of defense for newly installed apps downloaded from the web.
Rather than follow these suspicious instructions, researchers choose "Show Package Contents" so they could see what the app was hiding. While they did find a legitimate-looking "DumpMedia Spotify Music Converter" bundle, they also found a suspicious executable file that had no developer ID. That would normally trip Apple's Gatekeeper program to block the app from opening—hence why the malicious developers prompted potential victims to unwittingly bypass these protections.
Researchers then tested the software by opening it, and found it immediately started gathering information about the machine and running a long list of processes. Interestingly, the program will not continue if it detects the computer is based in Armenia, Belarus, Kazakhstan, Russia, or Ukraine. After more processes, it sneakily asks for your password with a "macOS needs to access System Settings" prompt. Once you enter it, the programs saves your password. It then checks to make sure the password is correct.
From here, the program asks for permission to access Finder, Downloads, and your microphone, then continues to scrape details about your Mac's hardware, before scraping files from Safari (including bookmarks, cookies, and history), Notes, and Keychain (which contains your passwords). As if that weren't invasive enough, the malware then initiates the screenshot function, even muting your speakers whenever it takes a screenshot so you don't hear the sound and realize what's happening.
All the while, there is an actual program running as advertised, keeping the victim in the dark about all the nefarious processing churning away in the background. According to researchers, DumpMedia is just one site hosting these malicious apps. Others, such as TuneSolo, FoneDog, TunesFun, and TuneFab, all host similar streaming-converter apps, as well as Android recovery tools that feature the same malware.
This story serves as a good reminder to be careful when downloading apps directly from the web onto your devices, whether that's a Mac, PC, Android, or an iOS device (in the E.U., anyway). While there are plenty of legitimate apps on the internet (as opposed to in an app store like Google Play or the iOS App Store), there are many that are not, so it's important to vet each program before downloading it.
Research the app, and see if others have had positive experiences with both it and its host site. Speaking of which, it's safest to download apps from the developer itself: If DumpMedia is hosting a third-party app, for example, that's riskier than if the app's developer offers it directly.
In addition, never skirt your Mac's built-in malware defenses. You might not have known that right-clicking on an app and opening rather than dragging it to the Applications folder bypasses Gatekeeper, but it does. If you follow the normal process and macOS says there's a problem with the app, believe it. Download your apps from the official Apple App Store when you can, and when you can't, exercise extra caution.
Hot on the heels of Microsoft’s Copilot+ PC announcements last week, Google is refreshing Chomebooks with new AI features to match. These include the
I’ve always been a fan of “just barely electric” e-bikes—unobtrusive machines that are 90% bicycle, 10% extra power to conquer the occasional hill—but
When you think about Amazon's Echo devices, you obviously think of Alexa. The voice is simply iconic, but that doesn't mean it's the only option for y
iOS 18 brought with it plenty of new features and changes, but also bugs and glitches. With one bug in particular, your saved messages are put at risk
Apple really wanted the Apple Vision Pro to take over the VR landscape when it released earlier this year, but after months of returns and rumors of d
Walmart is one of countless retailers with Black Friday sales this year. If you're interested in the best tech on sale today, see our best Black Frida
We are a dynamic information platform dedicated to delivering timely, relevant, and reliable content across a broad spectrum of topics. From the latest in technology and business to lifestyle, health, and global affairs, we aim to keep our readers informed and inspired.
Our editorial team is committed to maintaining high standards of accuracy and clarity, ensuring that every article provides value and context in an ever-changing world. We believe in the importance of accessible knowledge and strive to make complex topics understandable for everyone.
Whether you're here to stay updated on current events, explore thought-provoking features, or simply learn something new, our goal is to offer a trustworthy source of information that meets the needs of a diverse and curious audience.