X-sponsored malvertising promotes fake Mac app, delivers MacSync malware

TL;DR Summary
Jamf Threat Labs warns of a ClickFix-style attack where a verified X account promoted a malicious domain impersonating DynamicLake, a Mac utility. Visitors were redirected to dynamicmacisland[.]com and instructed to paste Terminal commands to install malware (MacSync/Atomic Stealer; DigitStealer variants seen). The ad bypassed checks due to trust in a familiar account; X removed it after Jamf reported. The DynamicLake developer condemns fake copies and urges downloads only from DynamicLake.com. This highlights ongoing malvertising risks on social platforms.
- Malware found spreading through sponsored ad on X 9to5Mac
- Fake “Claude Code” Google Ad Delivers MacSync Stealer, Hijacks Ledger Wallets on macOS cyberpress.org
- A Weaponized Google Ad Install Malicious Claude Code to Hijack Entire macOS CyberSecurityNews
- MacSync Stealer Hijacks macOS via Fake Claude Code Google Ads – Full Attack Chain Exposed gbhackers.com
Reading Insights
Total Reads
0
Unique Readers
13
Time Saved
3 min
vs 4 min read
Condensed
90%
763 → 78 words
Want the full story? Read the original article
Read on 9to5Mac