A new macOS-focused AMOS infostealer campaign is redirecting users to shared ChatGPT and Grok conversations via malicious Google ads. The chats contain Terminal commands that decode into a script installing AMOS with elevated privileges.
AMOS then targets crypto wallets, browser data, Keychain items, and more, with persistence handled through LaunchDaemons and AppleScripts.
This campaign highlights how AI platforms and search ads can be misused as delivery mechanisms.
What safeguards should exist to prevent similar abuse?
Follow TechNadu for more threat-intel updates.
#Infosec #ThreatIntel #macOSSecurity #AMOS #Malware #DigitalSafety #AIChatSecurity #CyberAwareness
