ClickFix started as a Windows problem. It is no longer one. Microsoft's Defender Security Research Team published a detailed analysis documenting an active ClickFix campaign that is targeting macOS users since at least January 2026. The primary goal is delivering infostealers by convincing users to paste malicious commands into their own Terminal, framed as routine system maintenance.
ClickFix is a social engineering technique that bypasses conventional malware delivery entirely. Rather than exploiting a vulnerability or compromising a download link, it presents the victim with a fake problem. A disk space alert, a system error, a software installation guide — and instructs them to copy a co...