
SEO poisoning is a technique that cybercriminals use to get a malicious website placed among the first results of a search engine like Google. Each search engine has an algorithm that determines which sites appear higher or lower, and an attacker who designs a fraudulent site can manipulate that algorithm so the site lands in the first results when a certain search is performed.
They attempt to deceive people who are only looking for a simple solution to a common problem, getting them to install malware without realizing it. The cybersecurity company Huntress has warned of a new campaign of this type that takes advantage of users' trust in ChatGPT, Google and Grok to distribute malicious software.
This is how your Mac data can be stolen with SEO Poisoning
In this case, the attackers manipulate common Google searches such as “free up space on Mac” or “how to delete data on an iMac”, showing fraudulent links that appear legitimate in the first results. These links lead to two authentic conversations with ChatGPT and Grok, which are hosted on OpenAI and xAI servers, further reinforcing the impression that they are real.
These conversations offer step-by-step instructions to free up space on macOS, along with reassuring messages such as that the process is safe or that it does not affect personal data. But Huntress explains that the real danger is in a command that the user is asked to copy and paste into the Terminal, because when it is executed, the user unknowingly installs malware called AMOS (Atomic macOS Stealer).
Its purpose is to steal information such as saved browser passwords, cryptocurrency wallet credentials, or data stored in the macOS keychain, and then send it to servers controlled by cybercriminals. Huntress says that this campaign is very dangerous because the user just needs to do a normal Google search and follow the instructions from a chatbot they trust.
The company offers three key tips to avoid falling victim to AMOS or to SEO poisoning:
- Never run Terminal commands from unknown sources, even if they appear to come from trusted sources.
- Be wary of any utility that you don’t fully understand that asks for your password.
- Use strong, random passwords and a password manager to protect your accounts in case “malware” runs.