New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis

A new macOS malware, codenamed Gaslight, was discovered this week to employ prompt injection techniques to disrupt AI-assisted analysis. This Rust-based implant functions as an information stealer and uniquely embeds a payload designed to deceive artificial intelligence tools used by malware analysts. The malware's objective is to cause these AI tools to abort or refuse to analyze the malicious artifact, thereby concealing its true nature and functionality. Researchers at SentinelOne first identified Gaslight, noting its sophisticated approach to evading modern security analysis methods that increasingly rely on AI for threat detection and examination. The malware targets macOS systems, a platform that has seen a rise in sophisticated threats. The prompt injection payload specifically manipulates the AI's understanding of the code or data it is analyzing, leading it to misclassify the threat or cease its investigation. This marks a significant development in the adversarial use of AI, where attackers are actively seeking to exploit the very tools designed to defend against them. The discovery highlights the ongoing arms race between cybersecurity professionals and malicious actors, with AI becoming a new battleground.