Fake websites target Claude users with stealthy data-stealing malware
anthropic claude
| Source: Mastodon | Original article
Claude Code users targeted by fake Anthropic sites with fileless infostealer.
Cyber attackers have launched a fileless infostealer campaign targeting Claude Code users through fake Anthropic websites. This campaign steals browser credentials and evades detection, posing a significant threat to developers using the popular AI coding assistant.
As we reported on May 30, Anthropic's valuation has surged to $965 billion, and its Claude Code tool has gained immense popularity. However, this growth has also attracted malicious actors seeking to exploit its users. The fake websites deliver a fileless infostealer that loads directly into memory, scraping credentials, session tokens, and VPN keys, which are then shipped to the attackers.
This is not the first time Claude Code users have been targeted. In March, we saw similar campaigns using fake installation guides and fraudulent download pages to spread infostealer malware. The latest campaign highlights the ongoing risks associated with the tool's popularity and the need for developers to be cautious when installing or updating Claude Code. Users should exercise extreme caution when searching for installation guides or downloading updates, ensuring they only use official channels to avoid falling prey to these malicious campaigns.
Sources
Back to AIPULSEN