New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis
New macOS malware “Gaslight” uses prompt injection to mislead the AI tools analysts rely on, turning AI-assisted malware analysis into an attack surface.
What’s new: The Hacker News reports on a newly discovered macOS malware strain dubbed “Gaslight” that targets the analysis process itself. Rather than only hiding from traditional tools, Gaslight embeds prompt-injection payloads designed to manipulate the AI assistants and large language models that analysts increasingly use to triage and reverse-engineer suspicious files — steering automated analysis toward wrong conclusions or causing it to under-report the threat.
Who’s affected
macOS users are the direct target, but the broader concern is for security teams and researchers who rely on AI-assisted tooling in their malware analysis pipelines. Gaslight signals a shift in which attackers treat the analyst’s AI helpers as part of the attack surface, attempting to corrupt the very systems meant to detect them.
What to do
- Treat AI-assisted analysis output as advisory, not authoritative — validate findings with traditional static and dynamic analysis.
- Run untrusted samples in isolated sandboxes and avoid feeding raw, attacker-controlled strings directly into LLM tools without sanitization.
- Keep macOS endpoint protection and detection signatures current, and monitor for unusual behavior even when automated tools report a file as benign.
- Educate analysts on prompt-injection risks so manipulated AI output is recognized and questioned.
