macOS social‑engineering malware
A new macOS malware campaign uses advanced social engineering and deceptive payloads that can fool even well‑patched users, according to security reporting. macOS Terminal has started warning about potentially malicious commands as vendors and Apple adapt to these user‑driven attack vectors. (pymnts.com) (x.com)
Researchers attribute the delivery vector to the ClickFix clipboard‑pasting social‑engineering technique first observed on Windows and adapted for macOS, where threat actors programmatically place commands in the clipboard and prompt victims to paste them into Terminal. (forcepoint.com)
Multiple infostealer families have been tied to recent waves: Sophos X‑Ops flagged MacSync in March 2026, Trend/third‑party trackers reported AMOS variants (including a “malext” dropper), and earlier activity linked to the Odyssey stealer is still being reused. (sophos.com)
Analysis from X‑Labs and Hunt.io shows the common payload pattern is a base64‑encoded string that decodes to a curl command which retrieves an obfuscated AppleScript; that AppleScript runs native APIs to harvest browser cookies, crypto wallet data and local files for exfiltration. (forcepoint.com)
Operators are amplifying reach with paid malvertising and content‑spoofing: Google Search ads and fake help pages pushing “how to” text blobs or bogus AI tool installers have funneled victims to paste‑in commands since at least November 2025. (cybersecuritynews.com)
Apple implemented a Terminal paste‑prompt and related controls in macOS Tahoe 26.4, distributed to users in late March 2026 (release notes and SDK updates published March 24, 2026), which delays execution of pasted commands and surfaces a confirmation dialog before allowing them to run. (developer.apple.com)
Researchers caution the new prompt does not publish its detection rules and early telemetry shows actors changing lures and encoding schemes to skirt heuristics, meaning detection gaps remain while vendors and defenders iterate on mitigations. (malwarebytes.com)
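For defenders, the payload pattern described above (a base64 string that decodes to a curl command) can be checked by decoding base64 runs in pasted or logged command text and inspecting each layer. The sketch below is an added example, not code from the cited vendors and not Apple's unpublished Terminal rules; the regexes, the 24-character threshold, the verdict names and the sample strings are assumptions constructed for illustration.

```python
import base64
import re

# Base64-looking runs long enough to hide a command (24 is an assumed threshold).
B64_RUN = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")
# Fetch/execute tools worth flagging in decoded text (assumed list, not Apple's rules).
FETCH = re.compile(r"\b(curl|wget|osascript)\b")
# Outer command that decodes and pipes straight into an interpreter.
DECODE_EXEC = re.compile(
    r"base64\s+(?:-d|-D|--decode)\b.*\|\s*(?:sh|bash|zsh|osascript)\b")


def decode_runs(text):
    """Yield printable UTF-8 strings recovered from base64-looking runs."""
    for match in B64_RUN.finditer(text):
        blob = match.group(0).rstrip("=")
        blob += "=" * (-len(blob) % 4)  # tolerate stripped padding
        try:
            decoded = base64.b64decode(blob, validate=True).decode("utf-8")
        except ValueError:  # covers binascii.Error and UnicodeDecodeError
            continue
        if decoded.isprintable():
            yield decoded


def inspect_paste(text, max_layers=3):
    """Return (layer, decoded, tools) for each decoded layer that fetches code."""
    findings, pending = [], [(0, text)]
    while pending:
        layer, current = pending.pop()
        for decoded in decode_runs(current):
            tools = sorted(set(FETCH.findall(decoded)))
            if tools:
                findings.append((layer + 1, decoded, tools))
            if layer + 1 < max_layers:  # follow nested encodings
                pending.append((layer + 1, decoded))
    return findings


def verdict(text):
    """'block' if a hidden fetch is decoded and executed, 'review' if only hidden."""
    if not inspect_paste(text):
        return "clean"
    return "block" if DECODE_EXEC.search(text) else "review"


def sample_paste(plain, layers=1):
    """Build a constructed test input; example.invalid never resolves."""
    for _ in range(layers):
        plain = f"echo {base64.b64encode(plain.encode()).decode()} | base64 -d | sh"
    return plain
```

Because it follows nested layers, a lure that simply base64-encodes the command twice is still flagged; encodings other than base64 are outside what this check covers.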