A new malware campaign involves scammers hijacking Claude AI's 'Shared Claude Chats' feature and Google Ads to trick Mac users into downloading infostealing software disguised as technical support instructions.

  • Fraudulent Claude AI chat sessions push harmful commands.
  • Google Ads amplify scam visibility in search results.
  • The malware avoids infecting Russian-language Macs.

What happened

Security researchers uncovered a fresh scam targeting Mac users via the AI platform Claude. Attackers fabricated public chat links that instruct users to paste terminal commands that ultimately deploy infostealing malware, a known variant of the ClickFix scam. These chat sessions appeared under the guise of legitimate Apple support to gain trust.

To drive traffic to these malicious conversations, criminals purchased ads through Google's advertising network. Users searching for terms related to Claude coding assistance on Mac would see these phishing chats ranked highly, with URLs deceptively appearing as the official Claude domain. This makes casual users more susceptible to clicking and following unsafe guidance.

Why it matters

This campaign shows how threat actors are innovating by combining popular AI tooling platforms and mainstream advertising channels to spread malware in a highly effective manner. Mac users, often perceived as less vulnerable to malware, face a growing risk from social engineering that exploits trusted-looking AI conversations.

The use of Google Ads as a vector significantly increases scam reach and visibility, making it more difficult for users to distinguish safe results from malicious ones. The malware’s avoidance of Russian-language devices also signals a targeted approach rather than an indiscriminate attack, underscoring the sophistication of these operations.

What to watch next

Users should exercise caution when interacting with publicly shared AI chat sessions or unfamiliar technical guidance found via search engines. Verifying the legitimacy of such content and avoiding pasting commands into terminals from untrusted sources remain critical defenses.

Meanwhile, platforms hosting AI tools and advertising networks will likely face increasing pressure to detect and block fraudulent content and scams leveraging their services. Monitoring developments in how attackers use AI interfaces for malware distribution is essential for cybersecurity preparedness.

Source assisted: This briefing began from a discovered source item from TechRadar.