{"slug": "malware-authors-subvert-ai-detection-systems", "title": "Malware authors subvert AI detection systems", "summary": "Malware authors are subverting AI detection systems with code that commands LLM-assisted products to abort analysis. SentinelLabs discovered macOS.Gaslight, a Rust backdoor targeting MacOS systems, which it associates with North Korean threat activity. The malware uses prompt injection to evade AI-based security tools, marking a growing trend in adversarial AI attacks.", "body_md": "Enterprises that have turned to AI in order to boost their security defenses may have to reconsider their approach.\n\nMalware containing code that commands LLM-assisted products to abort their analysis or refuse to implement it is already circulating, [according to a post](https://www.sentinelone.com/labs/macos-gaslight-rust-backdoor-turns-prompt-injection-on-the-analyst-not-the-sandbox/) from security company SentinelLabs.\n\nSentinelLabs thinks it knows who’s responsible for the malware, which attacks MacOS systems. “Apple’s XProtect detects the sample under the rule MACOS_BONZAI_COBUCH, and SentinelLabs associates the BONZAI signature family with North Korean threat activity,” the company wrote.\n\nIt’s calling the malware macOS.Gaslight.\n\nThis is not the first example of malware specifically targeting AI-generated analysis. As SentinelLabs noted, [Checkpoint first documented such an approach](https://research.checkpoint.com/2025/ai-evasion-prompt-injection/) exactly a year ago. And Socket followed suit with [a report of a payload](https://socket.dev/blog/mini-shai-hulud-miasma-and-hades-worms-target-bioinformatics-and-mcp-developers-via-malicious) that also used code to evade detection by AI models.\n\nThis new generation of threats was mentioned in the OPSWAT report, [The State of File Security](https://www.opswat.com/resources/reports/ponemon-state-of-file-security) and [cybersecurity experts are warning](https://www.csoonline.com/article/4053107/ai-prompt-injection-gets-real-with-macros-the-latest-hidden-threat.html) that AI-supported protection is not always the answer.\n\nSentinelLabs would certainly agree with that view. “As [LLM-assisted analysis](https://www.sentinelone.com/labs/building-an-adversarial-consensus-engine-multi-agent-llms-for-automated-malware-analysis/) becomes routine, defenders should expect more samples built to exploit it,” it wrote.", "url": "https://wpnews.pro/news/malware-authors-subvert-ai-detection-systems", "canonical_source": "https://www.csoonline.com/article/4190094/malware-authors-subvert-ai-detection-systems.html", "published_at": "2026-06-26 16:27:02+00:00", "updated_at": "2026-07-04 14:54:12.487225+00:00", "lang": "en", "topics": ["ai-safety", "ai-products"], "entities": ["SentinelLabs", "Apple", "XProtect", "Checkpoint", "Socket", "OPSWAT", "macOS.Gaslight", "North Korea"], "alternates": {"html": "https://wpnews.pro/news/malware-authors-subvert-ai-detection-systems", "markdown": "https://wpnews.pro/news/malware-authors-subvert-ai-detection-systems.md", "text": "https://wpnews.pro/news/malware-authors-subvert-ai-detection-systems.txt", "jsonld": "https://wpnews.pro/news/malware-authors-subvert-ai-detection-systems.jsonld"}}