Beware! Fake CleanMyMac Website Steals Credentials

A fraudulent website is impersonating the macOS utility CleanMyMac to distribute SHub Stealer, a malware that steals credentials and cryptocurrency wallet data. The campaign uses social engineering to trick users into manually executing a malicious command in macOS Terminal, making the malware appear as part of a legitimate installation process. Security researchers have identified this as a targeted attack against Mac users searching for system optimization tools.