Researchers expose how ChatGPT and Google Ads trick macOS users into pasting Terminal commands that install MacStealer, stealing iCloud passwords and card data.
© RusPhotoBank
Digital security experts have uncovered a new and troubling scheme: attackers are using ChatGPT and Google ads to trick Mac owners into running malicious commands in Terminal. The result is a covert installation of MacStealer, a trojan capable of stealing iCloud passwords, files, and bank card data.
According to Huntress, the campaign targeted people searching Google for instructions on clearing disk space in macOS. The hackers set up a genuine ChatGPT chat, kept a polite discussion about ways to free up storage, and quietly slipped in a dangerous command. They then made the link public and paid to push it through Google Ads, sending it to the top of the results. The lure works because it looks routine: a familiar interface, a helpful tone, and a quick fix.
A user would see a link to a ChatGPT conversation, assume it was a safe source, and follow the cleanup steps. By running the command in Terminal, they were actually installing AMOS Stealer, a MacStealer variant that silently collected passwords, escalated privileges to root, and set up persistence. The same tactic was applied to Grok chats on X.
The danger is that this method effectively bypasses macOS defenses. The system trusts actions initiated by the user, so no warnings appear when the command is entered manually.
Experts urge extra caution: never paste commands into Terminal unless you are completely sure about the source. Paid links on Google are not automatically safe, and the popularity of ChatGPT can foster a false sense of trust. This is one of the first attacks in which criminals directly use AI platforms as bait, and specialists expect the approach to develop further.