The Moonlock Mac Security Survey 2025 found that AI is a top security concern for Mac users. They see the new technology as a tool that can be used against them. In this report, we talk to industry experts to get their insight on the issue, including what they think AI can and cannot do, and how Mac users can stay safe from AI risks and threats.
Does the mythical AI Mac malware exist?
In November last year, we reported that Anthropic, the AI company behind Claude, claimed that Chinese nation-state hackers had used its model to fully automate a large-scale cyberespionage attack.
This claim was questioned by some security experts. However, more recently, in December 2025, we corroborated that cybercriminals were in fact using ChatGPT and Grok to spread the infamous macOS AMOS stealer malware.
Beyond this news and others that we have covered, we have seen no evidence of what would be the first 100% AI-driven malware.
Despite this, the Moonlock Mac Security Survey 2025 found that 72% of Mac users fear that AI accelerates the rise of advanced cyber threats. Only 32% believe that AI can be used to make tools that protect them, and over half of Mac users surveyed feel they lack control over the data they share with AI platforms.
Indeed, cybercriminals have already integrated AI into their attack chains, but does malware fully created by AI exist?
Is AI-coded malware a baseless claim or a real threat?
“There is a malware which uses AI models or APIs to make code and obfuscate itself; it can also make decisions, but it is not a ‘magical” independent AI creature’ acting on its own,” Fergal Glynn, AI Security Advocate and Chief Marketing Officer at Mindgard, told Moonlock.
“It (this type of malware) is still a regular malware on a system,” said Glynn.
“We have also seen AI-assisted worms and automated attack pipelines, but these depend on the existing infrastructure and tools instead of any standalone conscious AI engine,” Glynn from Mindgard added.
There is a baseless commotion being made, with claims that AI can “hack any Mac” instantly or bypass every Apple protection without any mistakes made on the part of the user, Glynn explained.
“AI cannot read your thoughts, nor can it turn off all security on its own. It cannot even break strong, unique passwords and hardware-based protections overnight,” he said, putting the myth to rest.
AI cannot read your thoughts, nor can it turn off all security on its own. It cannot even break strong, unique passwords and hardware-based protections overnight.
Fergal Glynn, AI Security Advocate and Chief Marketing Officer at Mindgard
So, what are bad actors using AI for?
“We’ve seen a rise in hackers using AI tools to streamline and scale their efforts,” Aimee Simpson, Director of Product Marketing at Huntress, told Moonlock.
Examples of this AI tradecraft include using tools like ChatGPT to draft hacking scripts or produce text for convincing phishing messages. AI-generated deepfakes might be used to bait scam victims, said Simpson.
Simpson added that AI-created malware exists but is not yet capable of bypassing antimalware solutions. However, even if fully AI malware capabilities were to be achieved by threat actors, Simpson said that malware attacks wouldn’t significantly change.
“An organization with a robust layered security setup that combines real-time threat detection and behavioral analysis would likely still catch the subtle signs of an attack before it escalates,” Simpson added.
AI deception and AI in the cybercriminal developer pipeline
“Threat actors use AI to scale deception,” Marijus Briedis, CTO at NordVPN, told Moonlock.
With generative tools (AI), threat actors can produce convincing phishing messages in seconds, adapt the tone to a specific company or person, and customize the malicious message to target users in different regions and languages, Marijus explained.
“AI also enables more believable impersonation through synthetic voice and video, so a scam call can sound like a real colleague, or a fake clip can be used to pressure someone into urgent actions like approving a payment or sharing access,” said Marijus.
AI also enables more believable impersonation through synthetic voice and video.
Marijus Briedis, CTO at NordVPN
On the technical side, AI is used to accelerate cybercriminal processes that are time-consuming. This includes everything from writing malware code to researching users and population groups that will be targeted.
Ethical hacker toolkits used by the dark side
Just as ethical hackers use automated AI-driven tools to map out digital attack surfaces, find vulnerabilities, and scan for weaknesses or errors in misconfigurations, cybercriminals do the same.
“AI enables attackers to automate large-scale reconnaissance, quickly identifying API vulnerabilities and misconfigured ‘Shadow APIs’ (used by workers but not approved by enterprises) that were previously too time-consuming to detect,” Eric Schwake, Director of Cybersecurity Strategy at Salt Security, told Moonlock.
“By early 2026, we observed the rise of autonomous agents that not only find flaws but also adapt and exploit strategies based on system responses,” said Schwake.
“Although the concept of a self-aware virus remains a science fiction myth, we are observing malicious software that incorporates local LLM components into its core operations,” Schwake from Salt Security said.
This enables the malware to analyze its surroundings and dynamically adjust its code to bypass signature-based defenses like Apple’s XProtect, he explained.
It is important to realize that even this sophisticated malware is substantial. It still depends on a delivery method, typically a compromised API integration or user-approved installation of cracked or “vibe-coded” software, to establish its initial presence, Schwake explained.
How can Mac users stay safe from AI risks and threats?
Moonlock’s Mac Security Survey 2025 found that 66% of Mac users have come across at least one cyber threat in the past year. The same report notes a 67% increase in macOS backdoor variants for 2025 and 17% more macOS stealer variants for the same year, as compared to 2024. Users in more than 80 countries have been affected by major Mac stealer malware campaigns.
The increase in volume and scale in the global macOS threat landscape is driven by several factors. The use of AI by cybercriminals and threat actors is definitely one of them.
“Macs are definitely not untouchable,” Simpson from Huntress told us. Despite the sophisticated nature of AI and macOS malware, the same rules apply when trying to protect your Mac from online risks.
“The best things individuals can do to stay safe are ensure they keep their system up-to-date, only download software from reliable sources like the app store, and look out for scam emails, phone calls, ads, and social media messages,” said Simpson.
“Scammers love to impersonate Apple or Apple support, so be suspicious of any unexpected messages you get,” she added.
Keeping a calm head and knowing fact from fiction has become vital, as social engineering is the main gateway for cybercriminals to break into your Mac.
Briedis from NordVPN told Moonlock that the fears that AI is a magical hacker are unfounded. AI cannot break into any Mac just by knowing your name, email, or Apple ID, Briedis added.
“It can’t instantly crack strong security by itself,” said Briedis.
“I would tell Mac users that AI cannot bypass your Mac’s protections without a real path in, like a vulnerability, stolen credentials, or you approving something,” he said.
Rules 1, 2, and 3 of AI security are the same as always
Briedis told us that AI-associated threats are usually strongest at one thing: they make scams feel more real. Users should keep this in mind.
“The first rule is to be skeptical of unexpected contact, especially if it asks for money, passwords, one-time codes, or urgent ‘quick approval’ actions—even if it looks or sounds like someone you trust,” Briedis said.
If you ever find yourself unfortunately dealing with a suspicious interaction online, don’t argue with the message or try to “spot the deepfake” under pressure, Briedis advised.
“Instead, verify independently using a trusted path: Type the website yourself, use an official help page, or call back using a number you already know, not the one in the message.”
The second rule is one we all know by heart. Use strong, unique passwords and turn on multi-factor authentication, ideally passkeys where possible, because they reduce the value of a stolen password.
Naturally, keeping your Mac updated is vital, along with all your devices.
Get the Moonlock app: An ally for your digital peace of mind
Fully AI macOS malware might not be a reality today, but other types of threats that can breach your Mac’s built-in security do exist and are out there targeting users every day. These threats range from backdoors to crypto miners that set up shop on your Mac and stealers that drain your crypto wallet and steal your data.
The Moonlock antivirus app can help you keep up with these threats with its live scanner, updated malware database, and encrypted, secure VPN. It also offers features that help you increase the security configurations on your Mac in just a couple of clicks, while providing information on every threat your Mac encounters and making sure that it does no damage to your computer.
You can try Moonlock with a 7-day free trial.
Final thoughts
Yes, cybercriminals are using AI for many things, from phishing to malware coding and even spreading cyber threats. However, demonizing AI and imagining that it has mythical powers serves no one. It certainly does nothing to serve Mac users’ peace of mind.
Experts agree that while the use of AI by threat actors is worrying, Mac users are familiar with the concepts needed to stay safe from AI risks. They are the same as they have always been.
This is an independent publication, and it has not been authorized, sponsored, or otherwise approved by Apple Inc. Mac and macOS are trademarks of Apple Inc.
