Mac users beware — scammers are hijacking Claude chats and Google ads to push malware

• Crooks abused Claude’s “Shared Chats” feature to plant fake install instructions leading to infostealer infections
• Fraudulent chats were promoted via Google Ads, showing authentic Claude URLs to trick Mac users
• Campaign used ClickFix tactics, spoofed “Apple Support,” and avoided targeting Russian‑language systems

Cybercriminals are abusing legitimate Claude and Google Ads services to trick Mac users into installing infostealing malware on their devices, experts have warned.

A new campaign was recently spotted, and disclosed, by security researcher Berk Albayrak on LinkedIn, concerning a feature called “Shared Claude Chats”, which allows users to create clickable links of previous conversations they’ve had with the AI. That way, other people can view those specific chat sessions through a public URL.

According to Albayrak, the hackers have created conversations in which the platform shows instructions on how to install Claude Code (a command-line coding assistant). However, the instructions ...