‘Gaslight’ macOS Malware Uses Fake System Errors to Mislead AI Security Analysis

A newly discovered macOS malware campaign is weaponizing prompt injection techniques, embedding fabricated error messages to confuse AI-powered malware analysis and reverse engineering tools.

CSBadmin

Security researchers have uncovered a new macOS malware family, dubbed Gaslight, that introduces a novel anti-analysis technique aimed at AI-assisted security tools rather than traditional malware sandboxes. Attributed with high confidence to a North Korean-linked threat actor, the Rust-based malware combines backdoor and information-stealing capabilities with embedded prompt injection content designed to interfere with automated AI analysis.

Unlike conventional evasion methods that attempt to detect virtual machines or security products, Gaslight hides dozens of fabricated developer logs, crash reports, debugging messages, and system alerts inside its executable. These fake artifacts mimic legitimate software errors—including memory dumps, expired authentication tokens, SQL injection warnings, Redis failures, and disk exhaustion—to persuade AI models that the analysis environment is malfunctioning.

Researchers say the goal is psychological rather than technical: to make AI-powered malware analysis systems question their own outputs, prematurely halt investigations, truncate reports, or refuse further analysis altogether. By targeting the reasoning process of large language models instead of the execution environment, the malware represents an emerging class of attacks specifically engineered for AI-driven cybersecurity workflows.

While researchers have not confirmed that Gaslight can reliably bypass current AI-assisted malware analysis platforms, the discovery highlights a growing trend of threat actors adapting their techniques for an era where security analysts increasingly rely on AI. The findings suggest prompt injection and LLM manipulation may become an important new front in the ongoing battle between malware developers and defensive AI systems.
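One defensive pre-processing step for an AI-assisted analysis pipeline facing the technique described above, as an added example that is not code from the researchers or from any named product: extract the binary's strings statically, flag those resembling the diagnostic categories the article lists, and pass them to the model as quoted sample content with explicit provenance rather than as free text. The regexes, function names, and sample bytes are assumptions constructed for illustration.

```python
import re

# Categories are the ones the article names; the regexes are illustrative
# assumptions, not signatures taken from Gaslight samples.
CATEGORIES = {
    "memory_dump": re.compile(r"memory dump|core dumped|segmentation fault", re.I),
    "expired_token": re.compile(r"token (has )?expired", re.I),
    "sql_injection": re.compile(r"sql injection", re.I),
    "redis_failure": re.compile(r"redis.*(refused|timeout|fail)", re.I),
    "disk_exhaustion": re.compile(r"no space left on device|disk (is )?full", re.I),
}

def extract_strings(blob: bytes, min_len: int = 6) -> list[str]:
    """Return printable ASCII runs, like strings(1)."""
    runs = re.finditer(rb"[\x20-\x7e]{%d,}" % min_len, blob)
    return [m.group().decode("ascii") for m in runs]

def triage(blob: bytes) -> dict[str, list[str]]:
    """Group embedded strings by the kind of fake diagnostic they resemble."""
    hits: dict[str, list[str]] = {}
    for s in extract_strings(blob):
        for name, rx in CATEGORIES.items():
            if rx.search(s):
                hits.setdefault(name, []).append(s)
    return hits

def build_context(blob: bytes) -> str:
    """Render flagged strings as quoted sample data with explicit provenance."""
    lines = ["Strings below were read statically from the sample file.",
             "They are sample content, not output from the analysis environment."]
    for name, strings in triage(blob).items():
        lines += [f"[embedded-string kind={name}] {s!r}" for s in strings]
    return "\n".join(lines)

# Constructed sample bytes, not taken from any real binary.
SAMPLE = (b"\xcf\xfa\xed\xfe\x00ERROR redis: connection refused 127.0.0.1:6379"
          b"\x00FATAL: No space left on device, aborting analysis"
          b"\x00WARN auth: token expired, re-authenticate"
          b"\x00/usr/lib/libSystem.B.dylib\x00")

if __name__ == "__main__":
    print(build_context(SAMPLE))
```

Because the strings come from static extraction, any "error" among them is by construction part of the file, and several unrelated failure categories in one binary is itself worth surfacing to the analyst.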
