Fake CleanMyMac Site Uses ClickFix Trick to Install SHub Stealer on macOS

A fake CleanMyMac website is using a ClickFix attack to trick macOS users into installing SHub Stealer, a malware that harvests passwords and targets cryptocurrency wallets. The malware avoids Russian devices and uses a fake password prompt to gain access to the macOS Keychain and steal sensitive information, including crypto wallet recovery phrases.