New ClickLock Malware Holds Mac Users Hostage for Passwords

New ClickLock Malware Holds Mac Users Hostage for Passwords

First seen 18 Jul 2026, 09:08 UTC DigitaltrendsTimesnownews 75% similarity 64.5

Article Content

Browse articles
ThreatCluster

A new macOS malware strain named ClickLock is targeting Mac users by preventing access to their computers until they provide their login passwords. The malware employs social engineering tactics, displaying fake Apple password prompts and repeatedly crashing key macOS processes, including Finder and Terminal, every 210 milliseconds. Researchers at Group-IB report that ClickLock has already infected over 100 systems across 33 countries since May 2026. The malware is believed to initiate through a ClickFix-style attack, tricking users into executing a command in Terminal. Once the correct password is entered, ClickLock not only steals it but also targets sensitive data such as browser profiles and cryptocurrency wallets. The malware's persistence mechanisms can keep users trapped in a cycle for over 83 hours. Additionally, another malware called CrashStealer is also affecting macOS, which impersonates Apple's crash reporting framework to steal sensitive information.

Key Points: • ClickLock malware prevents Mac access until the user surrenders their password. • Over 100 systems in 33 countries have been infected since May 2026. • The malware uses social engineering tactics and targets sensitive data like browser profiles.

ThreatCluster AI

Timeline

2026-05-01
ClickLock malware first detected
Researchers identified ClickLock malware beginning its infections, affecting over 100 systems across 33 countries.
Digitaltrends
2026-06-01
ClickLock uploaded to VirusTotal
The malware was uploaded to VirusTotal, but none of the security engines flagged it as malicious.
Digitaltrends
2026-07-17
ClickLock reported by multiple sources
Both Digitaltrends and Timesnownews published articles detailing the ClickLock malware and its impact on Mac users.
Timesnownews

Community

Browse all →