Bleepingcomputer
ClickLock Malware Targets macOS Users with Social Engineering Tactics
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
The ClickLock malware, a new macOS information stealer, has been identified by Group-IB. It exploits social engineering to trick users into entering their login credentials via a fake password dialog. Since May, it has infected over 100 systems across 33 countries, primarily in Europe. The malware operates without needing elevated privileges or software exploits, relying instead on user interaction to execute malicious commands in the Terminal. Once activated, ClickLock can steal passwords, cryptocurrency assets, and browser data while establishing a persistent backdoor for ongoing access. The malware's coercive tactics include terminating visible applications to pressure victims into compliance. It was first detected on VirusTotal on June 9, with no antivirus solutions flagging it at that time. The malware's development appears ongoing, suggesting future enhancements may be forthcoming.
Key Points: • ClickLock malware uses social engineering to steal macOS user credentials. • Over 100 systems across 33 countries have been infected since May 2026. • The malware operates without exploits, relying on user interaction to execute.