New ‘Cuckoo’ Persistent macOS Spyware Targeting Intel and Arm Macs

Malawi CERT warns about a new information stealer targeting Apple macOS systems that’s designed to set up persistence on the infected hosts and act as a spyware. Hackers are using a new Mac malware to launch attacks against both newer Macs running Apple Silicon as well as older Intel-based Macs.

Cuckoo, like the MacStealer macOS stealer malware, also leverages osascript to display a fake password prompt to trick users into entering their system passwords for privilege escalation. If the hackers behind this malware do get a victim’s system password, they can then escalate the malware’s privileges on the infected machine.The malware works by grabbing crypto private keys copied to the clipboard and data associated with wallet extensions installed on Google Chrome.

Malawi CERT recommends macOS users to avoid visiting pirated sites and opening suspicious emails.

Scroll to Top
Skip to content