Cybercriminals Exploit ”Claude Code” Launch to Propagate Infostealer Malware via GitHub
Threat actors have swiftly capitalized on the recent launch of "Claude Code," an AI-powered coding tool by Anthropic, to orchestrate a sophisticated malware campaign targeting developers on GitHub. Security researchers have identified a series of malicious repositories masquerading as legitimate versions or enhancements of the Claude Code tool, designed to trick users into downloading "infostealer" malware. This campaign highlights the growing trend of "AI-jacking," where cybercriminals leverage the hype surrounding new artificial intelligence releases to compromise high-value targets within the software engineering community.
The attack vector primarily utilizes social engineering, where repositories are carefully crafted to appear as official Anthropic utilities or community-driven performance boosters. Once a developer clones and executes the compromised code, the embedded malware—often a variant of the Lumma or RedLine stealers—begins harvesting sensitive data, including browser-saved passwords, cryptocurrency wallet private keys, and session cookies. The ultimate goal of these actors is to gain unauthorized access to corporate environments and cloud infrastructure, using the stolen credentials of developers as a primary entry point.
Beyond individual data theft, this surge in malicious GitHub activity poses a broader systemic risk to the global software supply chain. By compromising developer workstations, attackers can potentially inject backdoors into legitimate enterprise projects, leading to wide-scale security breaches. Cybersecurity firms have noted that the speed at which these "poisoned" repositories appeared following the Claude Code announcement suggests a highly organized and automated approach by threat groups to monitor and exploit trending technology keywords for malicious gain.
In response to the escalating threat, security experts are urging developers to exercise extreme caution and verify the authenticity of all AI-related repositories before execution. Industry recommendations include sticking strictly to official documentation from AI providers like Anthropic and utilizing sandbox environments for testing new tools. As the intersection of AI development and cybersecurity becomes increasingly volatile, the "Claude Code" incident serves as a stark reminder of the persistent vulnerabilities inherent in open-source ecosystems when faced with high-speed, AI-themed social engineering tactics.