Skip to content

Gaslight: macOS Malware Uses Prompt Injection Against AI-Powered Malware Analysis

The Bottom Line: Gaslight demonstrates a new attack variant in which malware directly compromises security analysts’ AI tools to evade detection.

A new macOS malware written in Rust named Gaslight contains prompt injection payloads to manipulate AI analysis tools used by security researchers and prevent them from conducting analysis. The implant simultaneously functions as an information stealer.

Security researchers have analyzed a previously unknown macOS malware that uses prompt injection techniques to trick AI analysis tools deployed by security experts. The implant, developed in Rust, is designed to manipulate malware analysts using AI-powered analysis tools by injecting crafted prompts that cause the AI system to abort or refuse analysis.

The malware was named Gaslight because it employs this manipulative behavior as a core feature. This represents a significant shift in malware development: rather than attacking end systems alone, security research itself becomes the target. The system also functions as an information stealer and can exfiltrate data from the infected macOS system.

For CISOs and security teams, this introduces additional complexity in malware analysis: AI tools can no longer be relied upon as trustworthy automation aids for threat detection when attackers deliberately manipulate them. This requires validation of AI-powered analysis results through manual verification and a more critical stance toward automated conclusions.


Source: thehackernews.com · Published June 25, 2026
Lumi AI News — AI-assisted curation in accordance with Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.1.

Share on: