While Mac users used to enjoy a lack of viruses versus Windows machines, hackers are finding ways to get viruses onto macOS to wreak havoc. One of them is the Cuckoo virus, which—despite its non-threatening name—can steal a lot of your data. So, what is the Cuckoo virus, and how do you avoid it on your Mac?

What Is Cuckoo?

As reported by security research firmKandji, Cuckoo is a virus that affects both Intel and Arm-based Macs. While the attack vector of Cuckoo is relatively unknown right now, the top suspects at the time of writing are websites that offer free downloads.

Once Cuckoo gets onto a Mac, it begins monitoring the PC and extracting personal and sensitive data. While Cuckoo has been making the rounds for a while now, the cybersecurity company SentinelOne has noticed that hackers have been deploying the malware more than usual.

How Does Cuckoo Spread?

Right now, researchers believe that Cuckoo spreads viamalicious websites. However, they also noticed that the malware was typically hosted on websites offering a video-to-MP3 conversion tool.

These websites usually offer an app to rip videos from websites such as YouTube and download them as MP3 files, with some offering free and paid versions of the app they’re offering. However, regardless of whether the app does the job it says it does, it will also bring Cuckoo onto your system.

What Does Cuckoo Do?

Once Cuckoo is on your system, it will do its best to stay hidden and undetected. It will then scan your computer for personal and sensitive information and send it back to the original malware developer.

AsThe Hacker Newsputs it:

It’s equipped to run a series of commands to extract hardware information, capture currently running processes, query for installed apps, take screenshots, and harvest data from iCloud Keychain, Apple Notes, web browsers, crypto wallets, and apps like Discord, FileZilla, Steam, and Telegram.

In addition, Cuckoo has a nasty trick up its sleeve: It uses Osascript to show you a fake system password entry box. As you’d expect, if you enter your password into it, the malware can use it to grant administrator privileges on your devices and access even more of your data.

How to Avoid Being Infected by Cuckoo

Cuckoo is a nasty piece of work that can potentially leak all of your private information to a malicious third party. Fortunately, you can be smart about using your Mac and avoid being infected by Cuckoo.

First, be careful about which apps you install from online sources. If you want an app to perform a specific job, it’s best to look around on forums and boards like Reddit to see what people there recommend. If you search Google for the app you want, you’re more likely to be served something laced with malware.

Even if you look for a legitimate app, be sure you know what you’re clicking on. Scammers can boost malicious copies of legitimate websites up Google’s rankings to trick people into downloading infected apps. If you’re suspicious of a URL, check out thesequick sites that let you check if a link is safebefore downloading anything.

Finally, it’s worth grabbing an antivirus app to keep you safe if you end up downloading something malicious. Fortunately, you don’t need to pay a cent to protect your machine; just try one of thesetruly free antivirus apps for your Mac.

While Cuckoo sounds scary on paper, it’s very easy to keep yourself safe from it. Be careful about what you download, install a good antivirus, and you should be fine.