Executive Summary

- SentinelLABS has analyzed a Rust macOS implant that embeds a 3.5 KB prompt-injection payload of 38 fabricated “system” messages, built to steer an LLM-assisted triage pipeline into aborting or refusing its analysis.
- Command-and-control runs over a Telegram Bot API polling loop, with AES-GCM payloads over certificate-pinned TLS.
- The implant self-redacts its Telegram bot toke...
macOS.Gaslight | Rust Backdoor Turns Prompt Injection on the Analyst, Not the Sandbox | Huntaegis