New macOS malware embeds fake errors to confuse AI analysis tools
Summary
A macOS malware called "Gaslight" uses prompt injection (tricking an AI by hiding instructions in its input) against AI-powered malware analysis tools: it embeds fake error messages, crash reports, and debugging data within the executable file. Rather than trying to evade detection in sandboxes (isolated test environments), the malware contains 38 fabricated system messages designed to make LLM (large language model)-assisted analysis tools question their own sessions or stop analyzing the malware. Researchers attribute the malware to a North Korean-linked threat actor, and while it has not been shown to successfully bypass current AI analysis platforms, it suggests attackers are developing new anti-analysis techniques targeting AI-based security tools.
Related Issues
CVE-2024-27444: langchain_experimental (aka LangChain Experimental) in LangChain before 0.1.8 allows an attacker to bypass the CVE-2023-
CVE-2026-30308: In its design for automatic terminal command execution, HAI Build Code Generator offers two options: Execute safe comman
Original source: https://www.bleepingcomputer.com/news/security/new-macos-malware-embeds-fake-errors-to-confuse-ai-analysis-tools/
First tracked: June 25, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 85%