
Mosyle has identified a macOS malware campaign that uses generative AI-assisted code and spreads through a fake AI app download.
The Apple device management firm shared details of the malware and named the campaign SimpleStealth. The attack spreads through a fake website posing as the Grok AI app and tricks users into downloading a malicious macOS installer.
The fake Grok app is distributed through a look-alike website rather than the Mac App Store. According to Mosyle, attackers used the domain xaillc[.]com to impersonate the Grok AI app and prompt users to download a malicious macOS installer named Grok.dmg.
Grok is an AI chatbot developed by xAI and integrated with the X social platform. The app is marketed as a conversational assistant that answers questions, analyzes posts, and generates text.
