Malware found spreading through sponsored ad on X
Malware spreading through sponsored ads on X has security experts on alert.
Velocity
How fast coverage is spreading — measured hourly from article rate × source diversity. How this works →
The brief
A malware campaign is spreading through sponsored ads on X. The malware, MacSync Stealer, targets macOS users. It is disguised as a fake Claude Code Google ad. Coverage from Security Boulevard, Malwarebytes, and 9to5Mac emphasizes the use of verified ads to spread malware. CyberSecurityNews and gbhackers.com report that the malware hijacks macOS systems.
Cyberpress.org adds that it also targets Ledger wallets. Huntress discusses broader dark web tactics. The malware is spreading through ads on X. Coverage does not yet specify how many users have been affected or how the malware operates once installed. The ads are verified, raising concerns about the security of X's ad platform.
The malware targets macOS users, with some reports indicating it also affects Ledger wallets. Watch for updates on the extent of the malware's spread. Coverage does not yet specify how the malware operates once installed. Look for responses from X and Google regarding the security of their ad platforms.
Synthesized by Archynetys from the headlines below under a strict no-invention contract. ✓ fact-checked: all claims supported by sources Updated 2h ago.
Quick answers
What is the name of the malware?
The malware is named MacSync Stealer.
Which platforms are affected?
The malware targets macOS users. Some reports indicate it also affects Ledger wallets.
How is the malware spreading?
The malware is spreading through sponsored ads on X. The ads are verified, raising concerns about the security of X's ad platform.
Coverage (7)
- Verified X ad spreads Mac malware, while ConsentFix steals Microsoft accounts Security Boulevard · 1d ago
- The Hacker's 2026 Playbook: Dark Web Tactics Targeting You Huntress · 1d ago
- Verified X ad spreads Mac malware, while ConsentFix steals Microsoft accounts Malwarebytes · 1d ago
- MacSync Stealer Hijacks macOS via Fake Claude Code Google Ads gbhackers.com · 1d ago
- A Weaponized Google Ad Install Malicious Claude Code to Hijack Entire macOS CyberSecurityNews · 1d ago
- Fake “Claude Code” Google Ad Delivers MacSync Stealer, Hijacks Ledger Wallets on macOS cyberpress.org · 1d ago
- Malware found spreading through sponsored ad on X 9to5Mac · 1d ago
Topics
Related trends
Newly discovered PamStealer isn’t your typical macOS malware
A new macOS malware, PamStealer, is raising alarms for its unique approach to stealing user credentials.
ConsentFix and ClickFix: How Microsoft 365 Accounts are Hijacked in 3 Seconds
Security researchers reveal new phishing tactics targeting Microsoft 365 accounts.
Apple ‘Hide My Email’ Vulnerability Reveals Peoples’ Real Email Addresses
A flaw in Apple’s ‘Hide My Email’ feature is reportedly exposing users’ real email addresses.
CitrixBleed To Infinity And Beyond (Citrix NetScaler Pre-Auth Memory Overread CVE-2026-8451)
Citrix has released patches for six NetScaler vulnerabilities, including a critical pre-auth memory overread flaw echoing previous CitrixBleed patterns.
Gemini Spark rolling out to macOS app for local tasks, automation
Google is expanding Gemini Spark to macOS, enabling local task automation and third-party app integration.
New BioShocking Attack Tricks AI Browsers Into Leaking User Credentials
A new cyberattack exploits AI browsers to steal user credentials, raising alarms in the tech community.