https://hackingpassion.com/tags/mac-malware/Recent content in Mac-Malware on HackingPassion.com : root@HackingPassion.com-[~]HugoenTue, 12 May 2026 11:37:35 +0200https://hackingpassion.com/macsync-clickfix-claude/Tue, 12 May 2026 11:37:35 +0200https://hackingpassion.com/macsync-clickfix-claude/<p><strong>MacSync</strong> is spreading through <strong>Google ads</strong> that lead directly to <strong>claude.ai</strong>. The installation guide there was written by Claude itself. One Terminal command and the malware is running, your credentials are gone, and your crypto wallet applications have been replaced.</p> <p>Security researcher <strong>Berk Albayrak</strong> spotted an active version of this campaign on <strong>May 9, 2026</strong> and posted his findings on X. Researcher <strong>g0njxa</strong> also published findings on X tracing the campaign infrastructure. <strong>BleepingComputer</strong> independently confirmed a second variant running on completely separate infrastructure.</p>