← All articles

DPRK macOS malware Gaslight plants fake errors to derail AI-assisted analysis

SentinelOne detailed Gaslight, a Rust-based macOS backdoor and information stealer tied with high confidence to North Korea, whose standout trick targets the analyst rather than the sandbox. The sample embeds a block of 38 fabricated "system" messages, formatted to mimic the prompt scaffolding of an AI triage assistant, that try to make an LLM-assisted analysis tool doubt its session and abort, truncate, or refuse the analysis. Beyond that, Gaslight steals browser data, Keychain secrets, and command history, using a Telegram bot for command and control and self-redacting its bot token from its own output. It is an early example of malware built to weaponize the AI tools now common in reverse engineering.

Check
If you use AI or LLM tools in malware triage, review whether sample contents are passed to the model as trusted input, and check macOS hosts for the Telegram-based persistence described.
Affected
macOS users targeted by this North Korea-linked stealer, and analysts whose AI-assisted triage pipelines can be manipulated when malicious sample text is fed to the model as if it were instructions.
Fix
Treat the contents of analyzed samples as adversarial input, never as instructions, and isolate hostile text from AI models. On endpoints, hunt for the published indicators and suspicious com.apple-style LaunchAgents.