A ClickFix malvertising campaign exploited the shared chat feature of claude.ai to deliver the MacSync infostealer, which compromised browser credentials, cookies, SSH keys, and cryptocurrency wallet files. The attackers used Google Ads to lead over 2,000 primarily macOS users to malicious sites, with the Asia-Pacific region being the most affected. The campaign tricked users into executing malicious commands via Terminal while they remained on the legitimate claude.ai domain.
Anthropic, the company behind claude.ai, responded by banning accounts involved in the scheme and disabling harmful chats. Users who interacted with these malicious links are advised to reset credentials and monitor their accounts for unusual activity.