A sponsored Google search ad impersonating Anthropic’s Claude Code CLI has been found delivering a macOS credential-stealing malware family called “MacSync Stealer.” The same malware also targets the Ledger Live and Ledger Wallet applications in order to extract cryptocurrency seed phrases.
Uncovering the Malicious Campaign
Researchers at Beelzebub Labs discovered this campaign through their threat intelligence platform, Caronte, following the submission of a suspicious terminal command for analysis. The deceptive ad appeared when users searched for “claude code mac install,” placing it above legitimate search results.
When clicked, users were directed to a counterfeit installation page on sites.google.com, designed to imitate Anthropic’s branding. This page falsely claimed over 12 million downloads and provided a one-click copy button for a harmful terminal command.
Technical Tactics Employed
The attackers chose Google Sites deliberately: the page’s content is rendered client-side by JavaScript, so automated scanners that fetch the raw HTML without executing scripts see nothing malicious, while a real visitor’s browser runs the script and loads the fake installer page. Because sites.google.com is a trusted Google domain, it also tends to pass reputation-based URL filtering, which makes the tactic especially effective.
To deceive less experienced users, the page included a “New to Terminal?” guide, leading them through a fake installation process that normalized entering an admin password. This primed victims to comply with subsequent phishing prompts.
Detailed Breakdown of the Attack
The attack unfolded in six linked stages, from the initial ad click through to full credential theft and, where Ledger software was present, wallet hijacking. The intermediate stages included the fake install page, the malicious terminal command copied from it, and a fake password prompt used to capture the victim’s Mac login password.
The malware displayed that prompt styled as a System Preferences dialog; the captured login password let it unlock the macOS keychain and harvest browser-stored credentials. On machines with Ledger applications installed, it replaced the application’s own code, giving the attackers persistent control over the wallet rather than a one-time theft.
Security Implications and Recommendations
Beelzebub Labs reported the ad to Google and it was removed within 24 hours, but campaigns of this kind typically rotate URLs faster than takedowns can follow. Developers should install tools only from the vendor’s official documentation or repository, and should treat any installer one-liner that contains encoded (for example base64) content with suspicion: decode it and read what it does before running it.
Users who suspect exposure should change their Mac login password and rotate every credential stored in browsers or the keychain. Anyone running Ledger Live on an affected machine should reinstall it from Ledger’s official download and treat any seed phrase that was entered on that machine as compromised. Recognizing and avoiding these tactics significantly reduces the risk of credential and data theft.
