Palo Alto Networks Unit 42 researchers have disclosed a macOS malvertising campaign they are calling Operation FlutterBridge, which delivers a previously undocumented backdoor named FlutterShell. The campaign appears to be an evolution of an earlier operation known as JSCoreRunner, first identified in August 2025, and is attributed to a financially motivated threat cluster tracked as CL-CRI-1089.

Campaign Background and Attribution

CL-CRI-1089 has been active since at least 2023, targeting both Windows and macOS users through separate malvertising operations. The group’s signature tradecraft is to register shell companies, pass Google’s advertiser verification with them, and use the verified accounts to run ads for payloads disguised as legitimate desktop applications. Previous Windows-focused operations from this cluster include RecipeLister and Calendaromatic, which other vendors had grouped under the broader “TamperedChef” label before Unit 42 separated them into distinct activity clusters. In late 2025, the attackers expanded to macOS with Operation FlutterBridge and the FlutterShell payload.

How FlutterShell Works

FlutterShell is built with the Flutter cross-platform framework. Its core is a WebView connected to native code through a JavaScript-to-native bridge: the JavaScript that drives the backdoor is not embedded in the binary but is fetched from a server the attackers control, and native functions are exposed to that script through the bridge. Because the behaviour lives in server-side JavaScript, the operators can change what the implant does in real time without recompiling or redistributing the application, and the shipped binary itself contains only the plumbing rather than the malicious logic.

The backdoor’s built-in capabilities include:

  • Arbitrary shell command execution
  • File system interaction and manipulation
  • Environment variable exfiltration

In observed deployments, FlutterShell has primarily functioned as adware, modifying Google Chrome configuration files so that all browser traffic is redirected through an attacker-controlled, ad-filled intermediary site. Some variants go further: they abuse AI summarization features so that a document is sent to an attacker-controlled server before it reaches the summarization service, which hands the operators a copy of the content under the cover of a feature the user asked for.

Active Development and Analytical Challenges

Unit 42 identified multiple FlutterShell variants that did not yet contain malicious code, and found several unfinished functions within the JavaScript logic hosted on attacker infrastructure. The rapid appearance of new variants suggests the malware is under active development.

Analyzing Flutter-based malware presents specific technical hurdles. Flutter ahead-of-time compiles the Dart code into a native snapshot that ships as a dynamic library, and Dart’s generated code does not reference strings and other constants inline: it loads them from an Object Pool through a dedicated pool register, so an ordinary disassembler sees pool offsets rather than the strings a function uses, and the usual cross-references that drive static analysis are missing. Researchers used a custom version of the open-source blutter disassembly tool to resolve those pool references and reconstruct the application logic from the Dart binary.

Distribution Scale and Google Response

The campaign targets a global audience with an emphasis on Anglophone and Western European markets, distributed through hundreds of Google-verified advertisements. Unit 42 reported the involved advertisers to Google. In response, Google stated it had suspended the advertiser accounts for policy violations. The researchers note that the use of shell companies to obtain verified advertiser status allowed the group to operate at scale while evading ad-network vetting processes.

Organizations using macOS in enterprise environments should audit the integrity of browser configuration files, in particular Chrome’s per-profile Preferences files, for proxy, startup-page, homepage and search-engine settings that send traffic through an unfamiliar host, and should monitor for unexpected outbound connections to unknown intermediary servers, particularly those initiated by recently installed applications. Because the lure is a fake desktop application delivered by a verified ad, a recently installed app that immediately rewrites browser settings or opens a persistent connection to a newly registered domain is the pattern to alert on.
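The Chrome configuration audit suggested above, as an added example that is not part of the Unit 42 report and does not reproduce FlutterShell’s actual file edits. It reads a Chrome profile’s Preferences JSON (on macOS normally under ~/Library/Application Support/Google/Chrome/<profile>/Preferences and Secure Preferences) and flags the settings that can route browsing through a third party: a fixed or PAC-script proxy, startup URLs, a custom homepage and the default search provider. The JSON keys are Chrome’s documented preference names; the trusted-host allowlist, the `ads-relay.invalid` hostname and both sample profiles are constructed for the example.

```python
"""Flag Chrome profile settings that redirect browsing traffic through a third party.

Added example: audits Chrome's Preferences / Secure Preferences JSON for
proxy, startup, homepage and search settings pointing at untrusted hosts.
"""
import json
import os
from urllib.parse import urlparse

# Hosts this organisation accepts as startup page, homepage or search engine.
# Assumed policy for the example, not derived from the Unit 42 report.
TRUSTED_HOSTS = {"www.google.com", "intranet.example.org"}


def _host(url: str) -> str:
    """Hostname of a URL, lower-cased, or '' if it does not parse."""
    try:
        return (urlparse(url).hostname or "").lower()
    except ValueError:
        return ""


def audit_preferences(prefs: dict, trusted_hosts=TRUSTED_HOSTS) -> list:
    """Return human-readable findings for traffic-redirecting settings in a prefs dict."""
    findings = []

    # 1. Proxy: Chrome stores {"mode": ..., "server": ..., "pac_url": ...} under "proxy".
    #    "fixed_servers" and "pac_script" both force all traffic through a chosen host.
    proxy = prefs.get("proxy", {})
    mode = proxy.get("mode", "system")
    if mode in ("fixed_servers", "pac_script"):
        target = proxy.get("server") or proxy.get("pac_url") or "<unset>"
        findings.append(f"proxy mode {mode!r} sends all traffic via {target}")

    # 2. Startup pages: "session.startup_urls" is honoured when restore_on_startup == 4.
    session = prefs.get("session", {})
    if session.get("restore_on_startup") == 4:
        for url in session.get("startup_urls", []):
            if _host(url) not in trusted_hosts:
                findings.append(f"untrusted startup URL {url}")

    # 3. Homepage: only meaningful when the homepage is not the new-tab page.
    if not prefs.get("homepage_is_newtabpage", True):
        homepage = prefs.get("homepage", "")
        if homepage and _host(homepage) not in trusted_hosts:
            findings.append(f"untrusted homepage {homepage}")

    # 4. Default search provider: every omnibox query goes to template_url_data.url.
    tud = prefs.get("default_search_provider_data", {}).get("template_url_data", {})
    search_url = tud.get("url", "")
    if search_url and _host(search_url) not in trusted_hosts:
        findings.append(f"untrusted default search provider {search_url}")

    return findings


def audit_file(path: str, trusted_hosts=TRUSTED_HOSTS) -> list:
    """Load one Chrome preferences file and audit it."""
    with open(path, encoding="utf-8") as fh:
        return audit_preferences(json.load(fh), trusted_hosts)


# Constructed sample: a profile pointed at a fictitious ad intermediary.
REDIRECTED_PREFS = {
    "proxy": {"mode": "fixed_servers", "server": "http://ads-relay.invalid:8080"},
    "session": {"restore_on_startup": 4, "startup_urls": ["http://ads-relay.invalid/start"]},
    "homepage_is_newtabpage": False,
    "homepage": "http://ads-relay.invalid/home",
    "default_search_provider_data": {
        "template_url_data": {"url": "http://ads-relay.invalid/search?q={searchTerms}"}
    },
}

# Constructed sample: an untouched profile.
CLEAN_PREFS = {
    "proxy": {"mode": "system"},
    "session": {"restore_on_startup": 1},
    "homepage_is_newtabpage": True,
    "default_search_provider_data": {
        "template_url_data": {"url": "https://www.google.com/search?q={searchTerms}"}
    },
}

if __name__ == "__main__":
    import sys

    profile = os.path.expanduser("~/Library/Application Support/Google/Chrome/Default")
    paths = sys.argv[1:] or [os.path.join(profile, "Preferences"),
                             os.path.join(profile, "Secure Preferences")]
    for p in paths:
        if not os.path.exists(p):
            continue
        for finding in audit_file(p):
            print(f"{p}: {finding}")
```

Run it without arguments on a Mac to check the Default profile, or pass explicit paths for other profiles and users. The script inspects the values only; Chrome’s Secure Preferences also carries MACs over tracked keys under `protection.macs`, and an attacker who can rewrite the file may recompute them, so a clean MAC is not evidence that the file was never touched. The two constructed dicts at the bottom let you see what a redirected profile looks like against a clean one.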