Attackers are capitalizing on the rising interest in AI coding tools by creating fraudulent Claude Code installation pages that lead to credential theft. The fake pages are optimized to rank at the top of search results and trick visitors into running a malicious command dressed up as an install step.
Exploiting User Excitement
The attackers are targeting novices and non-technical users eager to try Claude Code, Anthropic's new AI coding tool. Unfamiliar with how the tool is normally installed, these users are poorly placed to recognise the scam. The campaign unfolds as a largely fileless, six-stage chain whose first step is a deceptive installation instruction.
Researchers at Cyderes, through its Howler Cell research unit, identified the active campaign. The attackers use SEO poisoning to push a fake Anthropic installation page into search results; the page instructs visitors to run commands that compromise their system.
Advanced Attack Techniques
On the spoofed page, users are told to paste a pre-built command into the Windows Run dialog, a social-engineering tactic known as ClickFix: the malicious command is presented as a routine setup step so the victim executes it themselves. The first stage retrieves a polyglot payload, an HTA file crafted to also pass as an MP3 so that security tools inspecting it by file type treat it as harmless media.
In the following stages the HTA creates a scheduled task that launches a 32-bit PowerShell process, a choice made to evade detection. That process bypasses AMSI, fingerprints the victim, and then downloads an obfuscated script from a Russian server. Every step runs in memory, leaving no file on the victim's disk.
Fileless Infostealer Deployment
The final stage is a .NET infostealer loaded reflectively into the same PowerShell process, so it never touches disk and is hard for file-based security tooling to detect. The stealer reports to a command-and-control server and exfiltrates harvested credentials. Cyderes warns that any Claude Code install page that asks the user to run a command should be treated with suspicion; installation instructions should be taken from Anthropic's official documentation rather than from search results.
On the defensive side, blocking outbound HTTPS connections from mshta.exe (which has no legitimate need to reach the internet in most environments) and alerting on DNS queries for *.oakenfjrod[.]ru both detect and break this chain. Together with the indicators below, these controls give defenders concrete hooks against a campaign whose stages are otherwise designed to leave nothing on disk.
Indicators of Compromise
The following indicators of compromise (IoCs) have been identified: download.version-516[.]com for payload delivery, oakenfjrod[.]ru for command and control activities, and IP 185[.]177[.]239[.]255 as the final exfiltration point. Security teams are advised to incorporate these IoCs into their detection systems to mitigate potential breaches.
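The following hunting script is an added example, not code from the Cyderes/Howler Cell report. It encodes the chain described above (mshta.exe reaching out to the network, mshta.exe creating a scheduled task, a scheduled task launching 32-bit PowerShell) together with the published indicators, and runs the rules over Sysmon-style process-creation (Event ID 1), network-connection (Event ID 3) and DNS-query (Event ID 22) events. The event dictionaries are constructed for illustration, not captured telemetry; the assumption that "32-bit PowerShell" means the SysWOW64 host, that the task is created via schtasks.exe, and that the Task Scheduler service (svchost.exe) is the parent of the launched PowerShell are mine, not statements from the report.

```python
"""Hunt for the mshta -> scheduled task -> 32-bit PowerShell chain and the
campaign's network indicators in Sysmon-style events.

Added example; field names follow Sysmon conventions (Image, ParentImage,
CommandLine, DestinationIp, QueryName) but every event below is constructed.
"""
import fnmatch
import ipaddress

# Indicators from the report, written literally here so they can be matched.
C2_DOMAIN_PATTERNS = ["oakenfjrod.ru", "*.oakenfjrod.ru", "download.version-516.com"]
EXFIL_IPS = {ipaddress.ip_address("185.177.239.255")}

# Assumption: "32-bit PowerShell" is the SysWOW64 host on a 64-bit Windows.
SYSWOW64_PS = r"c:\windows\syswow64\windowspowershell\v1.0\powershell.exe"


def _base(image: str) -> str:
    """Lower-cased file name from a full image path."""
    return image.rsplit("\\", 1)[-1].lower()


def domain_matches(name: str) -> bool:
    """True when a queried name is one of the C2/delivery domains or a subdomain."""
    name = name.lower().rstrip(".")
    return any(fnmatch.fnmatch(name, p) for p in C2_DOMAIN_PATTERNS)


def evaluate(event: dict) -> list:
    """Return the names of the rules this single event triggers (empty = benign)."""
    hits = []
    eid = event.get("EventID")
    image = _base(event.get("Image", ""))
    parent = _base(event.get("ParentImage", ""))
    cmd = event.get("CommandLine", "").lower()

    if eid == 1:  # process creation
        # Assumes the HTA uses schtasks.exe; a task created through the
        # Schedule.Service COM object would need task-creation logging instead.
        if parent == "mshta.exe" and image == "schtasks.exe" and "/create" in cmd:
            hits.append("mshta_creates_scheduled_task")
        # Task Scheduler (svchost.exe, taskeng.exe on older builds) starting 32-bit PowerShell.
        if event.get("Image", "").lower() == SYSWOW64_PS and parent in ("svchost.exe", "taskeng.exe"):
            hits.append("scheduled_task_launches_32bit_powershell")
    elif eid == 3:  # network connection
        if image == "mshta.exe":
            hits.append("mshta_outbound_connection")
        try:
            if ipaddress.ip_address(event.get("DestinationIp", "")) in EXFIL_IPS:
                hits.append("connection_to_exfil_ip")
        except ValueError:  # missing or malformed address: nothing to match
            pass
    elif eid == 22:  # DNS query
        if domain_matches(event.get("QueryName", "")):
            hits.append("dns_query_c2_domain")
    return hits


def hunt(events) -> dict:
    """Map each triggered rule name to the events that fired it."""
    findings = {}
    for ev in events:
        for rule in evaluate(ev):
            findings.setdefault(rule, []).append(ev)
    return findings


# Constructed sample telemetry: five malicious events in chain order, two benign.
SAMPLE_EVENTS = [
    {"EventID": 1, "Image": r"C:\Windows\System32\schtasks.exe",
     "ParentImage": r"C:\Windows\System32\mshta.exe",
     "CommandLine": 'schtasks /create /tn Update /tr "powershell -w hidden" /sc minute'},
    {"EventID": 3, "Image": r"C:\Windows\System32\mshta.exe", "DestinationIp": "203.0.113.10"},
    {"EventID": 1, "Image": r"C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe",
     "ParentImage": r"C:\Windows\System32\svchost.exe", "CommandLine": "powershell -w hidden"},
    {"EventID": 22, "Image": r"C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe",
     "QueryName": "cdn.oakenfjrod.ru"},
    {"EventID": 3, "Image": r"C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe",
     "DestinationIp": "185.177.239.255"},
    {"EventID": 1, "Image": r"C:\Windows\System32\notepad.exe",
     "ParentImage": r"C:\Windows\explorer.exe", "CommandLine": "notepad"},
    {"EventID": 22, "Image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "QueryName": "www.anthropic.com"},
]

if __name__ == "__main__":
    for rule, evs in hunt(SAMPLE_EVENTS).items():
        print(f"{rule}: {len(evs)} event(s)")
```

The first three rules are behavioural and will keep firing after the attackers rotate domains and IPs; the last two are the published indicators and should be expected to age. The 32-bit PowerShell rule deliberately requires the Task Scheduler parent rather than flagging every SysWOW64 PowerShell launch, which is common enough in legitimate 32-bit installers to be noisy on its own.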
As cyber threats evolve, staying informed and implementing robust security measures remain critical.
