As AI development tools continue to grow in popularity, attackers are beginning to exploit their ecosystems.
A recent campaign is distributing fake Claude Code download pages that mimic legitimate installers.
The attack relies on sponsored search advertisements, meaning developers searching for Claude Code may encounter the malicious page before the real one.
If the installation command is copied and executed, the malware deploys infostealers capable of capturing:
• Browser credentials
• Session cookies
• API tokens
• Crypto wallet data
This is another sign that AI tooling ecosystems are becoming a new supply-chain attack vector for developers.
Full threat analysis:
https://blog.periscope-tech.com/new-threat-alert-fake-claude-code-downloads-delivering-infostealers/
Top comments (0)