BBS:      TELESC.NET.BR
Subject:  Infostealers are being di
From:     Mike Powell
Date:     Thu, 19 Mar 2026 08:42:48 -0500
-----------------------------------------------------------
Infostealers are being disguised as Claude Code, OpenClaw and other AI
developer tools

Date:
Wed, 18 Mar 2026 14:00:00 +0000

Description:
Be careful with search engine results: crooks are smuggling infostealers
again.

FULL STORY
Kaspersky warns of malvertising campaign abusing Claude Code
Fake download sites deliver Amatera infostealer on Windows, AMOS on macOS
Developers risk exposing source code, corporate data, and credentials

Hackers are, once again, taking advantage of current trends to attack software
developers with information-stealing malware.

Earlier this week, security researchers at Kaspersky warned about an ongoing
malvertising campaign targeting people interested in downloading Claude Code.
Claude Code is a coding-focused AI assistant developed by Anthropic. It is
like a specialized version of the Claude GenAI chatbot, designed
specifically to help software developers write, edit, and debug code and, in
a sense, is similar to tools like GitHub Copilot, or ChatGPT's coding
capabilities.

Infected with infostealers

According to Kaspersky, some people searching for "Claude Code download",
"OpenClaw download", and similar tools, will get a malicious ad shown at the
very top of the search engine's results page. Clicking on those ads leads to
websites that, in almost every aspect, look identical to the authentic pages
set up by Anthropic and OpenAI.

To make matters worse, installing Claude Code is not the same as installing 
an app, or a program. It requires copying and pasting code in the Windows
Command Prompt, or macOS Terminal, making the compromise even harder to spot. 

Those that don't spot it, and try to install these fake assistants, will get a
different version of an infostealer, depending on the operating system they
are running. Those on Windows will end up getting Amatera, an
information-stealing malware that collects data from user directories, web
browsers, and cryptocurrency wallets. Kaspersky said it has previously
observed Amatera in campaigns using the ClickFix distribution technique and
that it is operated under a Malware-as-a-Service (MaaS) model.

On the other hand, macOS users will be infected with the infamous AMOS, a
known macOS-oriented infostealer that has been used in countless campaigns
against Apple users in the past.

"The campaign poses significant risks because AI development tools such as
Claude Code and OpenClaw are widely used not only by hobbyists and automation
enthusiasts but also by professional developers working in large
organizations," said Kaspersky's cybersecurity expert Vladimir Gursky.

If infected, victims may unknowingly expose source code from active projects,
confidential corporate data, authentication credentials, and private 
accounts. This makes such campaigns particularly dangerous for businesses
whose developers rely on AI-assisted coding tools.

Link to news story:
https://www.techradar.com/pro/security/infostealers-are-being-disguised-as-claude-code-openclaw-and-other-ai-developer-tools

--- SBBSecho 3.28-Linux
 * Origin: Capitol City Online (1:2320/107)
