🎯Imagine you wanted to download a cool new app, but instead, you accidentally got a sneaky thief that steals your stuff. That's what's happening with some fake downloads of a coding tool called Claude Code, especially after a mistake let bad guys see its secret code. Always check where you're downloading from!
What Happened
Cybercriminals are getting cleverer, using fake download pages to target unsuspecting developers and IT professionals. These pages mimic the legitimate Claude Code, an AI coding assistant, tricking users into thinking they are downloading a safe installation package. Instead, they unknowingly install infostealer malware, which quietly infiltrates their systems.
This tactic highlights a growing trend in cybercrime, where attackers exploit trust in well-known software. Recent reports indicate that attackers have leveraged a packaging error in Claude Code's npm release to distribute multiple types of malware, including Vidar, GhostSocks, and PureLog Stealer. Additionally, a newly discovered fake website impersonating Claude offers a trojanized installer that deploys PlugX malware, granting attackers remote access to the victim's system. This malicious site mimics the official Claude download page and has reportedly gained traction with over 500 downloads.
The fake site presents itself as an official download page for a “Pro” version of Claude, offering a ZIP file that installs the legitimate application while simultaneously executing a hidden malware chain. The installation process is designed to appear normal, making detection difficult for users and security tools alike. A VBScript dropper runs the real app in the foreground while installing malware in the background, including a signed G DATA antivirus updater abused for DLL sideloading to execute a PlugX variant. This method of DLL sideloading is a textbook example of a technique catalogued by MITRE as T1574.002.
In a recent analysis by Rapid7, a similar campaign was identified, utilizing a ClickFix phishing technique that masqueraded as an installer for Claude. The attackers used a malicious URL to deliver a payload that appeared to be an MSIX bundle, but contained obfuscated PowerShell scripts designed to execute further malicious commands, including process injection routines. This highlights the evolving tactics used by attackers to compromise systems, emphasizing the need for vigilance.
The Source Code Leak
On March 31, 2026, a packaging error in Anthropic’s Claude Code npm release inadvertently exposed approximately 512,000 lines of internal TypeScript code, which was quickly mirrored across GitHub. Threat actors took advantage of the attention around this leak, pivoting to distribute infostealer malware like Vidar and GhostSocks through fake “leaked Claude Code” GitHub repositories within 24 hours of the exposure. This incident underscores how quickly attackers can weaponize trust signals and capitalize on human error.
The leaked code not only provided a convenient lure but also introduced longer-term risks, including the potential for vulnerability discovery and exploitation. The campaign has been part of a broader operation that has impersonated over 25 software brands since February 2026, demonstrating the scale and adaptability of these cybercriminals.
Why Should You Care
Imagine downloading a helpful app, only to find it’s a thief in disguise. Your personal and professional data is at risk, which could mean financial loss or identity theft. This is especially concerning for developers and IT professionals who often handle sensitive information.
Think of it like inviting someone into your home, believing they are a friend, only to discover they are there to steal your valuables. The impact can be devastating, affecting not just you but also your company and its clients. Protecting your data is crucial, and being aware of these threats is the first step in safeguarding it.
The key takeaway? Always verify the source of software downloads. If something feels off, trust your instincts and do further research.
What's Being Done
Security experts are on high alert, monitoring these fake download sites and working to take them down. Meanwhile, users are urged to take immediate action to protect themselves:
- Verify the source of any software before downloading.
- Use antivirus software to detect and block malicious downloads.
- Stay informed about the latest cybersecurity threats and tactics.
Organizations should also implement additional measures, such as scanning for specific malware artifacts, monitoring for unusual network activity, and rotating credentials if they suspect exposure. The rapid exploitation of the Claude Code packaging error underscores the need for vigilance in software supply chain security. Experts are watching for new tactics that may emerge from these cybercriminals, as they adapt their strategies to continue exploiting unsuspecting users.
Indicators of Compromise (IOCs)
- Payload filenames: Claude-Pro-windows-x64.zip, NOVUpdate.exe, avk.dll, NOVUpdate.exe.dat.
- Network indicators: Outbound connections to 8.217.190.58 on port 443 (TCP).
- Additional domains: download-version[.]1-5-8[.]com, Oakenfjrod[.]ru, download[.]get-version[.]com.
How to Stay Safe
This campaign works because everything looks normal. The app installs, launches, and behaves as expected, while a hidden sideloading chain runs in the background using a signed security tool to avoid suspicion. Here’s how to check if you’ve been affected: To stay safe:
Do Now
- 1.Check your Startup folder for NOVUpdate.exe, avk.dll, or NOVUpdate.exe.dat.
- 2.If any are present, disconnect from the internet immediately.
- 3.Look for the misspelled directory C:\Program Files (x86)\Anthropic\Claude\Cluade\ on your system.
- 4.Run a full system scan with Malwarebytes.
- 5.Check firewall or proxy logs for outbound connections to 8.217.190.58.
Do Next
- 6.Change passwords for any accounts accessed from the affected machine. PlugX variants can include keylogging and credential theft.
- 7.Only download Claude from the official site: claude.com/download.
- 8.Avoid links in emails, ads, or “Pro” versions offered outside official channels.
- 9.Use an up-to-date, real-time anti-malware solution with a web protection component.
The rapid exploitation of the Claude Code leak demonstrates how quickly threat actors can pivot and capitalize on vulnerabilities, emphasizing the importance of robust software governance and proactive security measures.
