ChatGPT increases Mac malware attacks | ENBLE

ChatGPT increases Mac malware attacks | ENBLE

Mac Malware: Rising Threats and the ChatGPT Challenge

Mac Malware

It’s no secret that Macs have long enjoyed a reputation for being less prone to malware compared to their Windows counterparts. However, recent developments in artificial intelligence, particularly the rise of ChatGPT, are challenging this status quo. Even the FBI has issued warnings about the potential cybersecurity implications. With these concerns in mind, software developer Macpaw has launched Moonlock, its own cybersecurity division dedicated to fighting Mac malware. We spoke to Oleg Stukalenko, Lead Product Manager at Moonlock, to gain insight into the rising threat of Mac malware and how ChatGPT could give hackers an unprecedented advantage over everyday users.

State-sponsored attacks target Macs

State-sponsored attacks

The advent of Apple silicon has rejuvenated Apple’s computers, leading to a spike in global Mac sales since its introduction in 2020, according to Statista. This surge in Mac usage makes the platform an attractive target for malware writers, enticed by the increasing number of potential victims. Oleg Stukalenko explains that the growing quantity of Mac computers has made macOS an appealing target for cyberattacks. He cites the case of North Korea’s Lazarus Group, one of the first state-sponsored groups to target Macs, as a clear indication of the elevated risk. Although newer processor architectures like Apple silicon may be considered safer in theory, Moonlock’s analysis of malware samples reveals that most threats affect both Intel and ARM architectures present in Macs.

The ChatGPT threat is on the rise


While ransomware often dominates the headlines, Moonlock reveals that the fastest-rising threat to Macs is different types of stealers. These malware variants usually take the form of trojans that gather sensitive information from victims’ systems, such as usernames, passwords, credit card details, and login credentials. Keyloggers, a type of malware that records everything the victim types, also fall into this category. Additionally, Mac users now face the emerging threat of ChatGPT. Although the chatbot itself is not inherently malware, it can be misused by malicious actors. With some clever prompt engineering, bad actors can task ChatGPT with writing malicious code. Moonlock’s Oleg Stukalenko explains that ChatGPT can be used to generate multiple code snippets quickly for malware prototyping. This capability gives hackers an additional weapon, allowing them to create polymorphic malware that continuously morphs its code in order to evade antivirus detection. Although not highly prevalent at the moment, ChatGPT poses a serious threat in the near future.

Overcoming ChatGPT’s defenses

ChatGPT and laptop

Despite efforts by OpenAI to implement safeguards within ChatGPT to prevent malicious code generation, Oleg Stukalenko notes that these defenses can be easily overcome. The Moonlock team was able to use ChatGPT to generate working encryption code that could be used in ransomware, bypassing the guardrails in a straightforward manner. However, there is some good news. While ChatGPT can spin up functional malware code, it is also prone to providing faulty outputs that behave abnormally. Stukalenko compares this to image generators that sometimes create pictures of people with seven fingers. Cybersecurity experts have similarly observed this inconsistency in ChatGPT’s outputs. Stukalenko affirms that Mac users are not at a higher risk than users of any other operating system. This highlights that the threat posed by ChatGPT is a platform-agnostic problem.

How to safeguard your Mac

Macbook Pro

Given the widely recognized belief that macOS is more secure than Windows, it is not entirely unfounded to feel that Macs are safer. Apple prioritizes security and has consistently added more security features to macOS over the years. The App Store’s rigorous review process significantly reduces the risk of installing malware compared to other platforms. However, this robust security and the perception of the system’s invulnerability have created a myth that malware does not exist on macOS. Moonlock’s research indicates that 57% of Mac users either agree or hesitate to disagree with this statement, leaving them vulnerable to potential cyberattacks.

To stay safe on your Mac, Moonlock recommends the following:

  1. Prioritize downloading apps from the official App Store, which requires notarization and thorough checks by Apple.
  2. Avoid downloading apps from unofficial sources, including Google or banner ads that may hide malware.
  3. Steer clear of torrents, as they are notorious for spreading malware.
  4. Install an antivirus app from a trusted developer.

By following these guidelines, Mac users can significantly reduce the risk of falling victim to malware, even those assisted by AI tools like ChatGPT. Remember, no system is entirely immune to threats, and staying vigilant is crucial in the ever-evolving landscape of cybersecurity.