Fake Grok app built using generative AI discovered spreading malware on macOS devices

Today, there are several reasons you should avoid Elon Musk's Grok AI chatbot, from explicit, degrading content to a new strain of malware that infects Apple computers.

A new macOS malware has been identified by Mosyle, an Apple device management and security firm. The company shared details of the SimpleStealth campaign with 9to5Mac.

Simply, the SimpleStealth attack poses as a fake version of xAI's Grok chatbot and tricks users into downloading an infected macOS installer. The installer is hosted on a look-alike website and not the Mac App Store.

According to the Mosyle security research team, the bad actors used the domain xaill.com to mimic the Grok AI app and prompt people to install Grok.dmg.

AI built crypto miner

Mosyle said that the malware went undetected by antivirus programs and appears legitimate while running hidden background processes.

What makes this fake Grok unique is that it may be the first malware built, in part, using generative AI code. Apparently, the code script includes a mixture of English and Brazilian Portuguese, rambling explanations and repetitive logic, common to AI-generated code.

AI or not, the malware stealth deploys a Monero cryptocurrency miner built to hide in the system. Its activity only begins if the Mac has been idle for at least a minute and stops when user activity is detected.

As reported by 9to5Mac, the finding raises concerns that generative AI is speeding up malware development, accelerating the rate at which new threats are deployed.

How to stay safe

As always, when it comes to software, avoid downloading from third-party sites. If it's not in the Mac App Store, it could be a vector for infection.

Stick to the official app store or download directly from reputable companies (currently, not Grok). Even then, make sure to double-check URLs and try to avoid filling out any forms.

While the current antivirus programs were unable to detect the new malware, it's still a good idea to invest in one of the best Mac antivirus software solutions for all of the malicious code it can catch. Plus, Mac comes with built-in security software called XProtect.

Given how quickly malware can be created and deployed, it's a good idea to improve your cyber hygiene and stay up to date on the latest threats. This way, you'll be better prepared to avoid the tricks hackers use to gain access to your devices and your information.

Follow Tom's Guide on Google News and add us as a preferred source to get our up-to-date news, analysis, and reviews in your feeds.

More from Tom's Guide

• Malicious Zoom Stealer extensions can leak your private meeting details — how to stay safe
• Nearly 2 million Android devices hijacked by massive new botnet — how to stay safe
• How to avoid the nightmare Android malware that can hold your device for ransom or erase it