Microsoft Security Team: Fake macOS Troubleshooting Posts Can Install Crypto Wallet Stealing Programs

CoinFeed reported on May 11th that, according to Cryptopolitan, Microsoft's security research team discovered that attackers have been using fake macOS troubleshooting guides since the end of 2025 to trick users into running malicious terminal commands, thereby stealing encrypted wallets, iCloud data, and browser-saved passwords. These fake guides, published on platforms like Medium, Craft, and Squarespace, target common user problems such as freeing up disk space or fixing system errors, inducing users to copy and paste malicious commands into the terminal. These commands automatically download and run malware. This social engineering technique, called ClickFix, bypasses macOS's Gatekeeper security mechanism because the victims actively execute the commands.