🎯 AI
===================

Executive summary: Attackers conducted an AI/SEO poisoning campaign that placed malicious ChatGPT and Grok conversations at the top of Google searches for common macOS troubleshooting queries. Victims copied a Terminal command from a legitimate-seeming AI conversation that fetched and executed an AMOS macOS stealer. No phishing email, trojanized installer, or bypass of macOS protections was observed.

Technical details:
• Malware: AMOS (Atomic macOS Stealer) variant observed harvesting passwords, escalating to root, and establishing persistence mechanisms on macOS hosts.
• Initial access: Search-engine poisoning that returned AI-hosted conversations (ChatGPT, Grok) instructing users to run Terminal commands framed as "safe system cleanup."
• Behavior: Silent credential harvesting, privilege escalation, persistence, and data exfiltration to attacker infrastructure (specific C2 domains were not provided in the source).

🔹 Attack Chain Analysis
• Initial Access: AI/SEO poisoning — malicious AI conversations ranked highly for benign queries like "clear disk space on macOS."
• Download/Execution: Victim copied a Terminal command from the AI conversation which downloaded and executed the stealer.
• Privilege Escalation: Observed escalation to root as part of the payload.
• Persistence: The payload set up mechanisms to survive reboots and retain access to collected data.
• Exfiltration: Collected credentials and user data were exfiltrated (telemetry showed data leak activity).

Detection guidance:
• Monitor for unexpected use of Terminal by non-admin users following web searches for benign tasks.
• Alert on processes that spawn network connections shortly after Terminal invocation, and on unusual child processes of bash/zsh/sh.
• Inspect persistence artifacts and anomalous privilege escalations tied to recently executed shell commands.
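As an added illustration of the second bullet (this is example code, not from the Huntress report or the original post), the detector below walks a constructed, simplified process-event feed and flags shell children outside an assumed allow-list plus network connections opened within a window after a Terminal launch; the event format, the allow-list and the sample destination address are assumptions.

```python
from collections import namedtuple

# Simplified EDR-style telemetry (assumed format): exec events carry name/pid/ppid,
# connect events carry the pid that opened the socket and its destination.
Event = namedtuple("Event", "ts kind pid ppid name dest")

SHELLS = {"bash", "zsh", "sh"}
# Assumed allow-list of children a routine "clean up disk space" session spawns.
EXPECTED_CHILDREN = {"ls", "du", "df", "rm", "cat", "grep"}

# Constructed sample: a poisoned-search victim session, a benign session, a browser.
SAMPLE_EVENTS = [
    Event(0, "exec", 100, 1, "Terminal", None),
    Event(1, "exec", 101, 100, "zsh", None),
    Event(30, "exec", 102, 101, "curl", None),              # fetcher launched by shell
    Event(31, "connect", 102, None, None, "203.0.113.7:443"),  # TEST-NET-3 placeholder
    Event(40, "exec", 103, 101, "du", None),                # benign child, allowed
    Event(500, "exec", 300, 1, "Safari", None),
    Event(505, "connect", 300, None, None, "203.0.113.9:443"),  # no Terminal ancestor
    Event(1000, "exec", 200, 1, "Terminal", None),
    Event(1001, "exec", 201, 200, "zsh", None),
    Event(1005, "exec", 202, 201, "ls", None),
]

def build_tree(events):
    """Map pid -> exec event so the parent chain can be walked."""
    return {e.pid: e for e in events if e.kind == "exec"}

def ancestors(procs, pid):
    """Yield exec events from pid up to the root, guarding against cycles."""
    seen = set()
    while pid in procs and pid not in seen:
        seen.add(pid)
        yield procs[pid]
        pid = procs[pid].ppid

def detect(events, window_s=120):
    """Return alert strings for unusual shell children and for network
    connections opened within window_s seconds of a Terminal launch."""
    procs = build_tree(events)
    alerts = []
    for e in events:
        if e.kind == "exec" and e.ppid in procs and procs[e.ppid].name in SHELLS \
                and e.name not in EXPECTED_CHILDREN:
            alerts.append(f"unusual shell child: {e.name} (pid {e.pid}) under {procs[e.ppid].name}")
        if e.kind == "connect":
            term = next((a for a in ancestors(procs, e.pid) if a.name == "Terminal"), None)
            if term and 0 <= e.ts - term.ts <= window_s:
                alerts.append(f"connect {e.ts - term.ts:.0f}s after Terminal launch: pid {e.pid} -> {e.dest}")
    return alerts
```

In production the same two rules would be expressed against your EDR's process-tree and network events rather than this in-memory list.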

Limitations and open questions:
• The report reproduces poisoned results across similar queries, but specific C2 indicators and hashes were not disclosed in the summary.
• Attribution and infrastructure details are not given in the provided content.

Takeaway: This campaign demonstrates a shift from malware-hosted lures to weaponizing trusted AI platforms and search rankings to deliver malware via copy-paste commands. #AIpoisoning #AMOS #macOS #search_poisoning #LLM_attack

🔗 Source: https://www.huntress.com/blog/amos-stealer-chatgpt-grok-ai-trust

AI-Poisoning & AMOS Stealer: How Trust Became the Biggest Mac Threat | Huntress

Attackers are exploiting user trust in AI and aggressive SEO to deliver an evolved Atomic macOS Stealer. Learn why this social engineering tradecraft bypasses traditional network controls and the future of macOS infostealer defense.