Digital Trends: This invisible technique poisons songs so AI can’t clone them. “The system targets a song’s waveform. My Music My Choice adds microscopic alterations so subtle that you’ll never notice them. Play the track on Spotify and it sounds exactly like the master recording. But feed that file into cloning software and everything breaks.”

• https://github.com/searxng/searxng/issues/2163
• https://github.com/searxng/searxng/issues/2008
• https://github.com/searxng/searxng/issues/2273

The Push To Poison AI

#News #TechNews #AI #ArtificialIntelligence #AItraining #AIpoisoning

https://youtu.be/B0xQHCMcbQU

Daily Podcast: The Push To Poison AI

#News #TechNews #AI #ArtificialIntelligence #AItraining #AIpoisoning #podcast

https://soundcloud.com/nickaesp/pfa

🎯 AI
===================

Executive summary: Attackers conducted an AI/SEO poisoning campaign that placed malicious ChatGPT and Grok conversations at the top of Google searches for common macOS troubleshooting queries. Victims copied a Terminal command from a legitimate-seeming AI conversation that fetched and executed an AMOS macOS stealer. No phishing email, trojanized installer, or bypass of macOS protections was observed.

Technical details:
• Malware: AMOS (Atomic macOS Stealer) variant observed harvesting passwords, escalating to root, and establishing persistent mechanisms on macOS hosts.
• Initial access: Search-engine poisoning that returned AI-hosted conversations (ChatGPT, Grok) instructing users to run Terminal commands framed as "safe system cleanup."
• Behavior: Silent credential harvesting, privilege escalation, persistence, and data exfiltration to attacker infrastructure (specific C2 domains were not provided in the source).

🔹 Attack Chain Analysis
• Initial Access: AI/SEO poisoning — malicious AI conversations ranked highly for benign queries like "clear disk space on macOS."
• Download/Execution: Victim copied a Terminal command from the AI conversation which downloaded and executed the stealer.
• Privilege Escalation: Observed escalation to root as part of the payload.
• Persistence: Installer created mechanisms to survive reboots and maintain data access.
• Exfiltration: Collected credentials and user data were exfiltrated (telemetry showed data leak activity).

Detection guidance:
• Monitor for unexpected use of Terminal by non-admin users following web searches for benign tasks.
• Alert on processes that spawn network connections shortly after Terminal invocation, and on unusual child processes of bash/zsh/sh.
• Inspect persistence artifacts and anomalous privilege escalations tied to recently executed shell commands.

Limitations and open questions:
• The report reproduces poisoned results across similar queries, but specific C2 indicators and hashes were not disclosed in the summary.
• Attribution and infrastructure details remain undeclared in the provided content.

Takeaway: This campaign demonstrates a shift from malware-hosted lures to weaponizing trusted AI platforms and search rankings to deliver malware via copy-paste commands. #AIpoisoning #AMOS #macOS #search_poisoning #LLM_attack

🔗 Source: https://www.huntress.com/blog/amos-stealer-chatgpt-grok-ai-trust

Ars Technica: AI models can acquire backdoors from surprisingly few malicious documents. “The research involved training AI language models ranging from 600 million to 13 billion parameters on datasets scaled appropriately for their size. Despite larger models processing over 20 times more total training data, all models learned the same backdoor behavior after encountering roughly the same […]

https://rbfirehose.com/2025/10/19/ars-technica-ai-models-can-acquire-backdoors-from-surprisingly-few-malicious-documents/