|
 We're used to seeing new skyscrapers regularly announced for major cities like Dubai, New York, and Shenzhen. However, this ambitious project is slated for somewhere totally unexpected: a remote Swiss village.. Named Lina Peak, the project has absolutely nothing to do with that other plan to do the same thing, and will totally transform the
|
|
Ever since reporting earlier this year on how easy it is to trick an agentic browser, I've been following the intersections between modern AI and old-school scams. Now, there's a new convergence on the horizon: hackers are apparently using AI prompts to seed Google search results with dangerous commands. When executed by unknowing users, these commands prompt computers to give the hackers the access they need to install malware.
The warning comes by way of a recent report from detection-and-response firm Huntress. Here's how it works. First, the threat actor has a conversation with an AI assistant about a common search term, during which they prompt the AI to suggest pasting a certain command into a computer's terminal. They make the chat publicly visible and pay to boost it on Google. From then on, whenever someone searches for the term, the malicious instructions will show up high on the first page of results.
Huntress ran tests on both ChatGPT and Grok after discovering that a Mac-targeting data exfiltration attack called AMOS had originated from a simple Google search. The user of the infected device had searched "clear disk space on Mac," clicked a sponsored ChatGPT link and — lacking the training to see that the advice was hostile — executed the command. This let the attackers install the AMOS malware. The testers discovered that both chatbots replicated the attack vector.
As Huntress points out, the evil genius of this attack is that it bypasses almost all the traditional red flags we've been taught to look for. The victim doesn't have to download a file, install a suspicious executable or even click a shady link. The only things they have to trust are
|
|
NEW RESOURCES Spotted on LinkedIn: public.monster. It's a 1990s-style Web host. From the About page: "Back in the 90s, you could just drop some HTML files in your ~/public_html folder and BAM […]
|
|
Have you ever had an unexpected direct phone call from Apple support? I have not, and if you do ever receive one, you probably aren't talking to Apple. The company says you should immediately hang up.
"If you get an unsolicited or suspicious phone call from someone claiming to be from Apple or Apple Support, just hang up," the company support website states.
Don't fall for it
Other things it warns against are suspicious calendar invitations in Mail or Calendar, annoying pop-ups in the browser, unexpected software download prompts, and fraudulent emails.
To read this article in full, please click here
|
|
