1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Be careful what you click - hackers use Claude Code leak to push

    From TechnologyDaily@1337:1/100 to All on Friday, April 03, 2026 18:30:27
    Be careful what you click - hackers use Claude Code leak to push malware

    Date:
    Fri, 03 Apr 2026 17:20:00 +0000

    Description:
    Fake source code repositories carrying infostealers are popping up on GitHub.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Tech Radar Pro Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Become a Member in Seconds Unlock instant access to exclusive member features. Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. You are
    now subscribed Your newsletter sign-up was successful Join the club Get full access to premium articles, exclusive features and a growing list of member rewards. Explore An account already exists for this email address, please log in. Subscribe to our newsletter Hackers exploit Claude Code leak with fake GitHub repos Malicious files deploy Vidar infostealer and GhostSocks proxy malware Anthropic faces rising scrutiny amid recent vulnerabilities and rapid product rollout Hackers have jumped on the recent news of a major Claude Code source code leak to trick people into infecting their computers with an infostealer malware .

    A few days ago, an Anthropic employee accidentally leaked the source code for Claude Code in what the company confirmed wasnt an act of a malicious
    insider, or third party, but rather a mishap. People quickly picked up on it, backing up the leak into a GitHub repository which has, by now, been forked tens of thousands of times, and now, cybercriminals are capitalizing on it. Article continues below You may like Hackers exploit OpenClaw to spread malware via GitHub - and a little help from Bing Anthropic confirms it leaked 512,000 lines of Claude Code source code spilling some of its biggest
    secrets Infostealers are being disguised as Claude Code, OpenClaw and other
    AI developer tools Delivering Vidar and GhostSocks Security researchers Zscaler said they observed malicious GitHub repositories, published by a user with the name dbzoomh, claiming to be Claude Codes source code with unlocked enterprise features and no usage restrictions.

    The hacker even optimized the repository for search engines, apparently succeeding in what most marketing agencies dream of - hitting the first page of Google for leaked Claude Code and similar search queries.

    Zscaler said that the repository holds a 7-Zip archive containing an executable named ClaudeCode_x64.exe. It was built in Rust and, when launched, deploys Vidar and GhostSocks.

    Vidar is an extremely powerful, known infostealer, capable of grabbing
    browser data (cookies, stored passwords, and more), saved passwords, cryptocurrency wallet data, and other vital files. GhostSocks, on the other hand, is a proxy malware that turns infected machines into residential proxies. Criminals use these proxies to route malicious traffic, often
    selling it as a service. Are you a pro? Subscribe to our newsletter Sign up
    to the TechRadar Pro newsletter to get all the top news, opinion, features
    and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. Speed or security? Is Anthropic rushing to ship new services? (Image credit: Shutterstock)
    According to Zscaler, the malicious archive is being constantly updated, hinting that the payloads might change in the future. They also said they saw a different GitHub repository with identical code. This one, however, shows a defunct Download ZIP button, prompting the researchers to conclude that the attackers toyed with different deployment mechanisms.

    The account pushing the malicious update has since been removed from the platform, and the GitHub page shows a 404 error message.

    Anthropic has been shipping new products at high speed, seemingly at the expense of security. In the last couple of weeks, weve had multiple stories about Claude being vulnerable to prompt injection and similar attacks. What
    to read next Anthropic issues copyright takedown requests to stem Claude Code leak Experts warn Claude Chrome extension could let hackers hijack your
    online browsing GitHub developers targeted by fake VS Code alerts spreading malware

    On March 27 2026, security researchers Koi Security found a major flaw in Claude Codes Google Chrome extension that enabled zero-click attacks. Dubbed ShadowPrompt , the vulnerability could have allowed malicious actors to exfiltrate sensitive data.

    A few days prior, on March 19, security researchers Oasis reported finding three vulnerabilities in Claude which, when used together, form a complete attack chain - from targeted victim delivery to sensitive data exfiltration. The researchers dubbed it Cloudy Day and responsibly disclosed it to
    Anthropic which quickly addressed it.

    Still, the platforms popularity is skyrocketing. The same day ShadowPrompt
    was discovered, Anthropic was forced to throttle its tools during peak hours to cope with rising demand. To manage growing demand for Claude we're adjusting our 5 hour session limits for free/Pro/Max subs during peak hours. Your weekly limits remain unchanged, said Thariq Shihipar, an engineer who works on Claude Code, in a post on X.

    Via BleepingComputer The best antivirus for all budgets Our top picks, based on real-world testing and comparisons

    Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

    And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/be-careful-what-you-click-hackers-use-c laude-code-leak-to-push-malware


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)