
Mosyle, a popular Apple device management and security firm, has exclusively shared details with 9to5Mac on a previously unknown macOS malware campaign. While crypto miners on macOS aren’t anything new, the discovery appears to be the first Mac malware sample uncovered in the wild that contains code from generative AI models—officially confirming what was inevitable.
At the time of discovery, Mosyle’s security research team says the threat was undetected by all major antivirus engines. This comes nearly a year after Moonlock Lab warned about chatter on dark web forums indicating how large language models were being used to write malware targeting macOS.
The campaign, which Mosyle is calling SimpleStealth, is spreading through a convincing fake website impersonating the popular AI app Grok. The threat actors are using a look-alike domain to trick users into downloading a malicious macOS installer. When launched, victims are presented with what appears to be a fully functioning Grok app that looks and behaves like the real thing. This is a common technique used to keep the application front and center while malicious activity quietly runs in the background, allowing the malware to operate longer without being noticed.
According to Mosyle, SimpleStealth is designed to bypass macOS security safeguards during its first execution. The app prompts the user for their system password under the guise of completing a simple setup task. This allows the malware to remove Apple’s quarantine protections and prepare its true payload. From the user’s perspective, everything appears normal as the app continues to display familiar AI-related content that the real Grok app would.
Behind the scenes, however, the malware deploys a stealthy Monero (XMR) crypto miner whose website boasts “quicker payouts” and being “confidential and untraceable.” To stay hidden, the mining activity only starts when the Mac has been idle for at least a minute and stops immediately when the user moves the mouse or types. The miner further disguises itself by mimicking common system processes like kernel_task and launchd, making it far harder for users to spot abnormal behavior.
In evidence seen by 9to5Mac, the use of AI is found throughout the malware’s code, which features unusually long-winded comments, a mix of English and Brazilian Portuguese, and repetitive logic patterns that are characteristic of AI-generated scripts.
Overall, this situation is alarming for several reasons, primarily because AI is lowering the barrier to entry for attackers faster than ‘malware-as-a-service’ ever did. Virtually anyone with internet access can now craft samples like SimpleStealth, significantly accelerating the pace at which new threats can be created and deployed.
The best way to stay safe is to avoid downloading anything from third-party sites. Always source your apps directly from the Mac App Store or directly from developer websites you trust.
Follow Arin: Twitter/X, LinkedIn, Threads
Below you can find the Indicators of Compromise (IoCs) of the SimpleStealth sample for your own research or to improve detection at your organization. Exercise caution around visiting any observed domains.
Malware family: SimpleStealth
Distribution name: Grok.dmg
Target platform: macOS
Observed domain: xaillc[.]com
Wallet Address: 4AcczC58XW7BvJoDq8NCG1esaMJMWjA1S2eAcg1moJvmPWhU1PQ6ZYWbPk3iMsZSqigqVNQ3cWR8MQ43xwfV2gwFA6GofS3
SHA-256 hashes:
- 553ee94cf9a0acbe806580baaeaf9dea3be18365aa03775d1e263484a03f7b3e (Grok.dmg)
- e379ee007fc77296c9ad75769fd01ca77b1a5026b82400dbe7bfc8469b42d9c5 (Grok wrapper)
- 2adac881218faa21638b9d5ccc05e41c0c8f2635149c90a0e7c5650a4242260b (grok_main.py)
- 688ad7cc98cf6e4896b3e8f21794e33ee3e2077c4185bb86fcd48b63ec39771e (idle_monitor.py)
- 7813a8865cf09d34408d2d8c58452dbf4f550476c6051d3e85d516e507510aa0 (working_stealth_miner.py)
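A defender-side triage script that ties the process-impersonation detail above (kernel_task and launchd look-alikes) to the published IoCs. This is an added example, not code from Mosyle or 9to5Mac: the hash and domain values are the ones listed in the article, the genuine process locations are an assumption based on the standard macOS layout (launchd at /sbin/launchd; kernel_task is the kernel itself and has no on-disk executable), the process list is constructed in place of a real ps snapshot, and the helper names are the example's own.

```python
"""Triage helpers for the SimpleStealth indicators published above.

Added example, not code from Mosyle or 9to5Mac. The hash and domain values are the
ones listed in the article; the process records below are constructed for illustration.
"""
import hashlib
from pathlib import Path
from typing import Dict, Iterable, List, Optional, Tuple

# SHA-256 hashes from the article, keyed to the file names given there.
SIMPLESTEALTH_HASHES: Dict[str, str] = {
    "553ee94cf9a0acbe806580baaeaf9dea3be18365aa03775d1e263484a03f7b3e": "Grok.dmg",
    "e379ee007fc77296c9ad75769fd01ca77b1a5026b82400dbe7bfc8469b42d9c5": "Grok wrapper",
    "2adac881218faa21638b9d5ccc05e41c0c8f2635149c90a0e7c5650a4242260b": "grok_main.py",
    "688ad7cc98cf6e4896b3e8f21794e33ee3e2077c4185bb86fcd48b63ec39771e": "idle_monitor.py",
    "7813a8865cf09d34408d2d8c58452dbf4f550476c6051d3e85d516e507510aa0": "working_stealth_miner.py",
}

# Observed domain, kept defanged exactly as published; it is only re-fanged for matching.
OBSERVED_DOMAINS_DEFANGED = {"xaillc[.]com"}

# Where the genuine processes of the impersonated names live (assumption based on the
# standard macOS layout): launchd is /sbin/launchd, and kernel_task is the kernel itself,
# which has no executable on disk, so an empty path is the only legitimate value.
LEGIT_EXECUTABLE_PATHS: Dict[str, set] = {
    "launchd": {"/sbin/launchd"},
    "kernel_task": {""},
}

# One process record: (process name, executable path, pid).
ProcessRecord = Tuple[str, str, int]


def sha256_bytes(data: bytes) -> str:
    """Hex SHA-256 of an in-memory blob."""
    return hashlib.sha256(data).hexdigest()


def sha256_file(path: Path, chunk_size: int = 1 << 20) -> str:
    """Hex SHA-256 of a file, streamed so a large DMG need not fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def lookup_hash(digest: str) -> Optional[str]:
    """Return the IoC file name for a digest, or None if it is not a known sample."""
    return SIMPLESTEALTH_HASHES.get(digest.strip().lower())


def scan_files(paths: Iterable[Path]) -> Dict[str, str]:
    """Map each path whose hash matches an IoC to the sample name it matched."""
    hits: Dict[str, str] = {}
    for path in paths:
        if path.is_file():
            name = lookup_hash(sha256_file(path))
            if name:
                hits[str(path)] = name
    return hits


def refang(domain: str) -> str:
    """Turn the published 'xaillc[.]com' form back into a matchable hostname."""
    return domain.replace("[.]", ".").lower()


def host_matches_ioc(host: str) -> bool:
    """True for the observed domain itself or any subdomain of it."""
    host = host.strip().lower().rstrip(".")
    for defanged in OBSERVED_DOMAINS_DEFANGED:
        live = refang(defanged)
        if host == live or host.endswith("." + live):
            return True
    return False


def is_impersonating_system_process(name: str, exe_path: str) -> bool:
    """Flag a process carrying a system name but running from a non-system location."""
    allowed = LEGIT_EXECUTABLE_PATHS.get(name)
    if allowed is None:
        return False  # not one of the names the miner is reported to mimic
    return exe_path not in allowed


def triage_processes(records: Iterable[ProcessRecord]) -> List[ProcessRecord]:
    """Return only the records that look like name-spoofed miners."""
    return [r for r in records if is_impersonating_system_process(r[0], r[1])]


# Constructed process list: two genuine system entries and two look-alikes.
SAMPLE_PROCESSES: List[ProcessRecord] = [
    ("launchd", "/sbin/launchd", 1),
    ("kernel_task", "", 0),
    ("launchd", "/Users/alice/Library/Application Support/Grok/launchd", 4242),
    ("kernel_task", "/private/tmp/kernel_task", 5151),
]

if __name__ == "__main__":
    for name, path, pid in triage_processes(SAMPLE_PROCESSES):
        print(f"suspicious: pid={pid} name={name} path={path!r}")
    for host in ("xaillc.com", "cdn.xaillc.com", "apple.com"):
        print(f"{host}: {'IoC match' if host_matches_ioc(host) else 'clean'}")
```

On a real Mac the process records would come from a `ps -axo pid,comm` style listing plus each pid's executable path, and `scan_files` would be pointed at ~/Downloads and the mounted DMG contents; the domain check is meant for proxy or DNS logs, which is why the indicator stays defanged in the source and is only re-fanged at match time.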