ClickFix macOS Malware Targets User Login Credentials

Security researchers have identified a new malware campaign targeting macOS users through a sophisticated ClickFix technique that combines phishing and social engineering to steal cryptocurrency wallet details, browser credentials, and sensitive personal data.

The Odyssey Stealer malware, discovered by X-Labs researchers in August 2025, represents an evolution of earlier ClickFix attacks that previously focused on Windows systems, now expanding to compromise Apple devices through fake CAPTCHA verification pages.

Fake CAPTCHA Pages Deliver Terminal-Based Attacks

The attack begins when users visit the malicious website “tradingviewen[.]com,” which presents what appears to be a legitimate CAPTCHA verification page.

However, this page is specifically designed to detect the user’s operating system and deliver tailored instructions for each platform.

On macOS systems, victims are prompted to open Terminal through Command+Space, copy provided code, and paste it into the terminal application.

When executed, the seemingly innocuous command ...