- Scammers abused Claude’s “Shared Chats” feature to plant fake installation instructions that led to info stealer infections
- Fraudulent chats were promoted via Google Ads displaying authentic Claude URLs to trick Mac users
- The campaign used ClickFix tactics, faked “Apple Support” and avoided targeting Russian-language systems
Cybercriminals are misusing legitimate Claude and Google Ads services to trick Mac users into installing info-stealing malware on their devices, experts have warned.
A new campaign was recently discovered and exposed by security researcher Berk Albayrak on LinkedIn, regarding a feature called “Shared Claude Chats,” which allows users to create clickable links to previous conversations they’ve had with AI. That way, other people can see the specific chat sessions via a public URL.
According to Albayrak, the hackers have created conversations where the platform displays instructions on how to install Claude Code (a command-line coding assistant). However, the instructions are nothing more than standard ClickFix scams – they tell the user to download the Terminal and enter a command which triggers a chain reaction resulting in an infostealer infection.
Advertising the scam on Google
The conversation was created by an account named “Apple Support,” which likely adds to its legitimacy. However, those with a better eye could easily spot the trick as the chat has a disclaimer at the top warning that the content below may be “unverified or uncertain”.
But creating the fraudulent conversation is only half the process – the victims still have to land there somehow.
This is where Google Ads comes into the picture. The scammers were able to buy ads on Google’s advertising network, meaning that people searching for “Claude Code on Mac” would be served this chat at the very top of the search engine results page. To make matters worse, those who would hover over the link or double check where it leads would see “claude.ai” – the authentic Claude URL.
Albayrak did not say how many people might have been compromised in this way, but Bleeping Computer found that the malware does not work on Russian-language computers, suggesting that the criminals are actively avoiding targeting Russians.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds.
