Cybercriminals exploiting ChatGPT and Grok chats to spread AMOS malware to Macs (techoreon.com)

Cybercriminals are exploiting reputable AI platforms like ChatGPT and Grok to distribute malware called Atomic macOS Stealer (AMOS) to Mac users, bypassing traditional security measures. Researchers from Huntress revealed that attackers are using "SEO poisoning" to place manipulated chat links prominently in Google search results for common macOS troubleshooting queries. These seemingly legitimate links lead users to instructions that ask them to paste malicious code into the macOS Terminal, enabling the execution of a script that requests their password without triggering any security notifications. The significance of this campaign lies in its innovative approach to leveraging trusted platforms and social engineering to execute malware attacks, raising concerns within the AI/ML community about the potential misuse of AI technologies. Once installed, the AMOS malware stealthily compromises cryptocurrency wallets, extracts browser passwords, and maintains persistence through a hidden monitoring script. This tactic highlights an alarming trend where users, trusting the reputable nature of AI platforms, inadvertently follow harmful instructions. Security experts caution against executing Terminal commands from unverified sources, emphasizing the need for heightened awareness and vigilance within the digital landscape.