As generative AI tools become integral to problem-solving, cybersecurity threats are evolving, with attackers exploiting user trust in AI-generated advice. Security researchers, including Kaspersky and Huntress, warn of malicious “solutions” posing as legitimate guidance, particularly through commands executed in PowerShell or Terminal that can install malware. This tactic, akin to social engineering, leverages a technique called ClickFix, where harmful instructions are presented in the format of credible AI interactions. Such misleading guides often lead users to grant extensive permissions, installing malware like AMOS (Atomic macOS Stealer) that captures sensitive data, including keystrokes, browser information, and cryptocurrency wallets. Alarmingly, attacks are being facilitated by paid ads and seemingly legitimate domains, compromising users through their trust in AI. Experts advise caution: always avoid executing commands from uncertain sources, as attackers adapt rapidly, outpacing traditional security measures in the evolving digital landscape.
Source link
Share
Read more