May 10, 2024
macOS Cuckoo Stealer Malware VS SentinelOne: Protection
Cuckoo Stealer is a novel infostealer trojan with unique spyware properties. The malware is written in C++ and was created using a legacy build of Xcode. Cuckoo Stealer has been observed masquerading within trojanized applications including:
- App Uninstaller.app
- DumpMedia Amazon Music Converter.app
- FoneDog Toolkit for Android on Mac.app
- iMyMac PDF Compressor.app
- PowerUninstall.app
- TuneSolo Apple Music Converter.app
Cuckoo Stealer relies heavily on user interaction for full execution. False authentication prompts (via AppleScript) are used to acquire a victim's credentials.
The actors behind the Cuckoo Stealer campaign have clearly invested some resources into developing a novel infostealer rather than buying any of the ready-made offerings currently circulating in various Telegram channels and darknet forums. This, along with the rising numbers of samples we have observed since initial reporting of this threat, suggests that we will likely see further variants of this malware in the future.
Enterprises are advised to use a third-party security solution such as SentinelOne Singularity to ensure that devices are protected against this and other threats targeting macOS devices in the fleet. At the time of writing, the latest version of XProtect, version 2194, does not block execution of Cuckoo Stealer malware. SentinelOne customers are protected from macOS Cuckoo Stealer.