◈ AI Security Intelligence ← All terms
Attack  ·  Glossary

AI-assisted malware triage poisoning

Definition
A new attack class in which malware is deliberately designed to confuse or misdirect the AI tools that security teams use to analyse it. For example, malware may embed hidden prompt-injection instructions that, when fed into an AI analysis assistant, cause the assistant to report that the file is safe or to give misleading analysis — protecting the malware from AI-powered detection.
Why it matters
Security teams are rapidly adopting AI to speed up malware analysis; this attack means adversaries can now deliberately sabotage that analysis, turning a key defensive tool into a liability. A North Korean-linked sample (macOS.Gaslight) was confirmed using this technique in the wild.
Demonstrated by recent findings
macOS.Gaslight — DPRK Rust Infostealer Embeds Prompt Injection to Derail AI-Assisted Malware Triage
References
MITRE ATLAS — AML.T0054 LLM Prompt Injection
Track this in the live feed See how this plays out in real AI security and governance developments.
Open the feed →