Skip to main content

In the age of ChatGPT, Macs are under malware assault

It’s common knowledge — Macs are less prone to malware than their Windows counterparts. That still holds true today, but the rise of ChatGPT and other AI tools is challenging the status quo, with even the FBI warning of its far-reaching implications for cybersecurity.

That may be why software developer Macpaw launched its own cybersecurity division — dubbed Moonlock — specifically to fight Mac malware. We spoke to Oleg Stukalenko, Lead Product Manager at Moonlock, to find out whether Mac malware is on the rise, and if ChatGPT could give hackers a massive advantage over everyday users.

Recommended Videos

State-sponsored attacks

A person using a laptop with a set of code seen on the display.
Sora Shimazaki / Pexels

Apple silicon has rejuvenated Apple’s computers, with a spike in global sales ever since the chips debuted in 2020, according to Statista. All those extra Macs could make the platform a juicy target for malware writers enticed by a widening pool of potential paydays.

As Stukalenko puts it, “Because of a growing quantity of Mac computers, macOS has become an attractive target for cyberattacks … Even the notable case of North Korea’s Lazarus Group, which became one of the first state-sponsored groups to target Macs last year, keeps us on high alert.”

And while Stukalenko acknowledges that “In theory, a newer processor architecture [like Apple silicon] may be considered a safer one,” that doesn’t make it immune to threats. In fact, of all the malware samples analyzed by Moonlock, “almost all work on both Intel and ARM architectures” like the one that forms the basis of Apple silicon chips.

The ChatGPT threat

A MacBook Pro on a desk with ChatGPT's website showing on its display.
Hatice Baran / Unsplash

Ransomware often makes a big splash in the news, but it’s not the fastest-rising Mac malware threat, according to Moonlock — instead, that dubious accolade goes to various types of stealers. This malware usually takes the form of a trojan that gathers information from a victim’s system, Stukalenko says, such as usernames and passwords, credit card information, or login details. This category also includes keyloggers, which keep track of everything you type in the hopes of picking up sensitive info.

Another rising threat for Mac users? ChatGPT. While the chatbot itself is not malware, it has the potential to be misused by bad actors who, with some clever prompt engineering, can task it with writing malicious code for them. What do the engineers at Moonlock think about ChatGPT’s capacity as a hacker’s helper?

“СhatGPT can be used for quick prototyping of malware by generating multiple code snippets,” Stukalenko says, giving hackers an extra weapon in their arsenal against their targets. As well as that, the chatbot can be used “to quickly generate a similar new code based on the initial code,” resulting in “polymorphic” malware. This is able to “change its appearance continuously and rapidly morph its code” in order to evade antivirus detection. While not hugely popular right now, it could become a serious problem in the near future.

A person sits in front of a laptop. On the laptop screen is the home page for OpenAI's ChatGPT artificial intelligence chatbot.
Viralyft / Unsplash

Despite OpenAI adding guardrails to ChatGPT that are meant to protect against malicious code generation, these defenses can be easily overcome, Stukalenko says. For instance, the Moonlock team was able to use ChatGPT to generate working encryption code that could be used in ransomware, working their way around the guardrails in a relatively straightforward fashion.

There’s some good news though. Even though ChatGPT can spin up functioning malware code, it is also prone to providing users with faulty outputs that behave weirdly, Stukalenko says, much like how some image generators create images of people with seven fingers. That’s similar to what cybersecurity experts told us when we quizzed them on the same topic in May 2023.

And Stukalenko notes that “ChatGPT brings higher risks for the whole cybersecurity ecosystem, but Mac users specifically are in no way under a more significant risk than users of any other [operating system].” In other words, this is a platform-agnostic problem, not a macOS problem.

How to stay safe

The MacBook Pro on a wooden table.
Digital Trends

So, is it correct to feel that Macs are safer than Windows machines? Stukalenko says that belief is not totally unfounded. “Apple prioritizes security, and the widely held belief that macOS is more protected than Windows has weight behind it,” Stukalenko says. “Over the years, Apple has been consistently adding more security features to macOS … Moreover, the review process of the App Store considerably reduces the risk of installing malware.”

But as we’ve seen, no system is totally beyond the clutches of viruses, trojans, and the like. As Stukalenko explains, “the robust security safeguards and the perceived system’s invulnerability have built a myth that malware doesn’t exist on macOS.”

“According to our own research,” they continue, “57% of Mac users either agree or hesitate to disagree with the statement that ‘Malware does not exist on macOS.’ This persistent misconception makes users vulnerable to potential cyberattacks.”

What can you do to stay safe on your Mac? According to Moonlock, you should prioritize downloading apps from the official App Store, as everything there has to be notarized and checked by Apple. If the app you want isn’t available there, avoid downloading apps through Google or banner ads, as these can hide malware.

Elsewhere, Stukalenko says you should avoid torrents at all costs, and install an antivirus app from a trusted developer. Put these tips into practice and you’ll go a long way to keeping your Mac safe — even from malware built with the automated assistance of ChatGPT.

Alex Blake
Alex Blake has been working with Digital Trends since 2019, where he spends most of his time writing about Mac computers…
OpenAI’s Advanced Voice Mode can now see your screen and analyze videos
Advanced Santa voice mode

OpenAI's "12 Days of OpenAI" continued apace on Wednesday with the development team announcing a new seasonal voice for ChatGPT's Advanced Voice Mode (AVM), as well as new video and screen-sharing capabilities for the conversational AI feature.

Santa Mode, as OpenAI is calling it, is a seasonal feature for AVM, and offers St. Nick's dulcet tones as a preset voice option. It is being released to Plus and Pro subscribers through the website and mobile and desktop apps starting today and will remain so until early January. To access the limited-time feature, first sign in to your Plus or Pro account, then click on the snowflake icon next to the text prompt window.

Read more
The ChatGPT app is transforming my Mac right before my eyes
The ChatGPT Mac app running in macOS Sequoia.

Apple is all in on AI for the Mac. It's called Apple Intelligence, and it's really only starting to get off the ground.

Meanwhile, OpenAI went ahead and launched its own ChatGPT app earlier this year, and supported it with a recent update that made it even more useful, bringing ChatGPT’s web-searching powers to its Mac app.

Read more
One of ChatGPT’s latest features comes to the free tier
ChatGPT's Canvas screen

In October, OpenAI debuted its Canvas feature, a collaborative interface that visually previews the AI response to the user's writing or coding request. However, it was only made available as a beta feature for Plus and Teams subscribers. On Tuesday, the company announced that it is bringing Canvas to all users, even at the free tier.

While one could easily mistake Canvas for a blatant knockoff of Anthropic's Artifacts feature, OpenAI is also incorporating a swath of new capabilities into Canvas. For one, Canvas is now integrated directly into the GPT-4o model so that it runs natively within ChatGPT, eliminating the need to select it specifically from the model-picking list.

Read more