Claude Code on Mac: Malware Hides Behind Google
Le brief IA que les pros lisent chaque soir
Les 7 actus IA du jour, décryptées en 5 min. Gratuit.
Inclus dès l'inscription : notre sélection des meilleurs guides & comparatifs IA.
Choisis ton rythme
Gratuit · Pas de spam · Désabonnement en 1 clic
Hackers Exploit Google Ads and Claude to Spread Malware
A clever scheme has been devised by hackers who are using Google Ads and shared discussions on Claude to target Mac users. These cybercriminals are hijacking legitimate conversations from the Claude chatbot to propagate a variant of the MacSync malware, a particularly dangerous piece of malicious software. Mac users are at risk if they have attempted to download the AI Claude via Google.
Cybersecurity researcher Berk Albayrak revealed on May 10, 2026, a sophisticated hacking campaign that combines Google Ads and the Claude.ai platform. Victims, believing they are installing the Claude Code tool from Google, execute a terminal command that silently infects their Mac with an infostealer-type malware, a formidable information thief. This seemingly harmless manipulation actually conceals a polymorphic spyware that is difficult to detect.
Hijacking Google Ads and Claude Discussions
The trap begins directly on Google, where a search for downloading the Claude Code application on macOS leads to a sponsored ad redirecting to the official domain "claude.ai." Rather than creating a fake site, the hackers hijack a real "shared discussion" to orchestrate a fake installation guide. This ruse exploits the credibility of the Claude tool to turn a reassuring function into a formidable trap.
To perfect their scam, the hackers impersonate Apple’s technical support directly on the Anthropic platform. The page falsely claims that the method is safe and will never affect your personal data or system. Users are encouraged to open their terminal to execute a simple command, a manipulation increasingly common among developers.
The displayed "curl" command hides a technical secret. It uses Base64 encoding to obscure its final destination. Once launched, it contacts the domain "customroofingcontractors[.]com" to download the infection script. The user thinks they are installing the Claude Code tool, but they have actually just opened the door to a variant of the MacSync malware.
An Elusive Polymorphic Malware
The MacSync malware, identified by Berk Albayrak, is extremely discreet, making it exceptionally dangerous. It employs a so-called polymorphic delivery method, allowing it to generate different code with each request to evade traditional antivirus software. Running almost entirely in RAM, it leaves virtually no suspicious physical trace on the hard drive.
Before striking, the script meticulously profiles your machine. It collects the IP address, computer name, and system version to ensure the target is worthwhile. This data is transmitted to the hackers' servers, which can then tailor the final payload according to the specifics of your Mac.
An astonishing protective mechanism has also been spotted in the source code by experts. The malware checks if a Russian or CIS (Russia, Armenia, Belarus, Uzbekistan, Azerbaijan, etc.) keyboard is configured on the system. If so, it silently self-destructs without stealing anything. This precaution allows the attackers to remain under the radar of local authorities.
Threat to Sensitive Data
Once installed, MacSync begins to plunder your most sensitive data. It targets browsers to extract your credentials and, most importantly, your valuable session cookies. These cookies allow hackers to bypass two-factor authentication to gain direct access to your bank accounts or personal social media.
The malware goes further by targeting the Keychain Access function, the password vault of your Mac. By hijacking osascript, a system command tool, it steals security keys and certificates stored deep within your computer. Your digital secrets end up in the hands of cybercriminals, without you ever seeing an alert.
To protect yourself, it is advised never to click on sponsored ads for your downloads. Navigate directly to the official Anthropic site, consult their official documentation, or use tools like Claude Security. Remember that no shared chat should ask you to execute command lines. Vigilance remains your best defense against these attacks.
In 2026, even the authority of an official domain name no longer exempts one from constant human vigilance against the tricks of social engineering.
Brief IA — L'actualité IA en français
L'essentiel de l'actualité de l'intelligence artificielle, décrypté et expliqué chaque jour.