MacBook Users Beware: New Scam Method to Hack Bank Accounts

MacBook users need to be cautious of the latest malware threat. This attack can steal victims’ data and is difficult to detect because it involves no malicious attachments or automatic downloads. The malware, named Infostealer, employs a social engineering technique called ClickFix, which deceives victims into running harmful code on their computers. Victims receive phishing emails or pop-ups on compromised websites. The content prompts users to perform an update. They are then directed to a site featuring a traditional ‘I’m not a robot’ checkbox, but also requiring manual steps such as opening Spotlight and searching for the Terminal app. Victims receive instructions to paste code into Terminal and press Enter. This is how the malware infiltrates the victim’s MacBook. “Because users run the command directly, many traditional defences are bypassed,” stated a Malwarebytes report, quoted from Mashable, Tuesday (31/3/2026). The report notes that the delivered malware is written in Python and compiled with Nuitka, a macOS binary builder. This makes the malware difficult to analyse and distinguish from other malware. The attack can steal various data from the victim’s MacBook, including passwords, screenshots, browser data such as cookies, and other sensitive information. To avoid it, MacBook users should always be wary of instructions from websites, whether familiar or not. Users should also know that no CAPTCHA or verification requires entering code into Terminal. Avoid inputting into that app if not very familiar with the code. If already a victim, Malwarebytes recommends not using the problematic computer anymore. Change account passwords on a separate device and revoke access from the old computer.