Claude users beware, hackers are using a fake website to dupe developers and deliver malware
'Beagle' is deployed through a Dynamic Link Library (DLL) sideloading chain, and gives attackers remote access to the system
A fake Claude AI website is spreading a trojanized 'Claude-Pro' Windows installer that secretly distributes a newly identified backdoor.
The domain mimics the official site for Anthropic's Claude AI tool, and visitors who download the ZIP archive receive a copy of Claude that appears to install and run as expected.
However, researchers at Malwarebytes found it deploys a PlugX-like malware chain, dubbed Beagle, that gives attackers remote access to the system.
The ZIP contains an MSI installer that installs to a path designed to mimic a legitimate Anthropic installation, complete with a reference to Squirrel, the update framework that real Electron-based applications like Claude use.
A tell-tale giveaway for developers is that this path contains a misspelling: 'Cluade'.
While the legitimate application runs in the foreground, the VBScript quietly copies three files from the SquirrelTemp directory into the Windows Startup folder.
"This is a textbook DLL sideloading attack, a technique catalogued by MITRE as T1574.002. NOVUpdate.exe is a legitimately signed G DATA antivirus updater. When it executes, it attempts to load a library called avk.dll from its own directory," researchers explained.
"Normally, this would be a genuine G DATA component, but here the attacker has substituted a malicious version. Signed sideloading hosts like this can complicate detection because the parent executable may appear benign to endpoint security tools."
Victims are kept in the dark because, after deploying the payload files, the VBScript writes a small batch file called ~del.vbs.bat that waits two seconds, then deletes both the original VBScript and the batch file itself.
"This means the dropper is gone from disk by the time a user or analyst goes looking for it. The only artifacts that persist are the sideloading files in the Startup folder and the running NOVUpdate.exe process," Malwarebytes said.
"The script also wraps the entire malicious payload section in an On Error Resume Next statement, silently swallowing any errors so that failures in the deployment do not produce visible error dialogs that might alert the victim."
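As an added example (not Malwarebytes' code or anything from the article), the check below runs over constructed Sysmon-style image-load records and flags the pattern described above: a DLL loaded from the loading process's own directory when that directory is user-writable, such as the Startup folder, and the DLL does not carry a valid signature. Field names follow Sysmon Event ID 7; the paths and records are constructed.

```python
from pathlib import PureWindowsPath

# Locations a standard user can write to. Field names mirror Sysmon Event ID 7
# (Image, ImageLoaded, Signed, SignatureStatus); all records here are constructed.
USER_WRITABLE_MARKERS = (
    "\\start menu\\programs\\startup\\",
    "\\appdata\\local\\temp\\",
    "\\squirreltemp\\",
    "\\downloads\\",
)

def is_sideload_candidate(event: dict) -> bool:
    """True when a process loads an unsigned (or invalidly signed) DLL from
    its own directory and that directory is user-writable."""
    host = PureWindowsPath(event["Image"])
    module = PureWindowsPath(event["ImageLoaded"])
    if module.suffix.lower() != ".dll":
        return False
    same_dir = host.parent == module.parent          # sideloading needs co-location
    module_dir = str(module.parent).lower() + "\\"
    user_writable = any(m in module_dir for m in USER_WRITABLE_MARKERS)
    module_trusted = (event.get("Signed") == "true"
                      and event.get("SignatureStatus") == "Valid")
    return same_dir and user_writable and not module_trusted

def find_candidates(events: list[dict]) -> list[str]:
    """Return the ImageLoaded paths that look like sideloaded DLLs."""
    return [e["ImageLoaded"] for e in events if is_sideload_candidate(e)]

STARTUP = r"C:\Users\dev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"
SAMPLE_EVENTS = [
    # Constructed: signed updater in Startup loads an unsigned DLL beside it.
    {"Image": STARTUP + r"\NOVUpdate.exe", "ImageLoaded": STARTUP + r"\avk.dll",
     "Signed": "false", "SignatureStatus": "Unavailable"},
    # Constructed: the same updater loading a system DLL (benign).
    {"Image": STARTUP + r"\NOVUpdate.exe", "ImageLoaded": r"C:\Windows\System32\kernel32.dll",
     "Signed": "true", "SignatureStatus": "Valid"},
    # Constructed: an app loading its own signed DLL from Program Files (benign).
    {"Image": r"C:\Program Files\Example\example.exe",
     "ImageLoaded": r"C:\Program Files\Example\ffmpeg.dll",
     "Signed": "true", "SignatureStatus": "Valid"},
]

if __name__ == "__main__":
    for path in find_candidates(SAMPLE_EVENTS):
        print("sideload candidate:", path)
```

Because the dropper deletes itself, the DLL load from a user-writable directory is one of the few durable signals; the rule deliberately does not depend on the host executable looking suspicious, since here it is a genuinely signed binary.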
What is DLL sideloading?
DLL sideloading is a technique favored by PlugX, a malware family that Sophos has been tracking for 14 years.
As the firm points out, PlugX has multiple variants and has been associated with several threat actor groups, meaning that attribution isn't clear-cut.
On top of this, ShadowPad, another backdoor employing DLL sideloading, has a number of code overlaps with PlugX, to the extent that it could be considered an evolution of it.
"Most of the techniques described here are relatively well known and have been seen before, from spoofing a legitimate installer website to sideloading using a signed executable. Interestingly enough, what is unusual is that it also installs a working copy of Claude, which is rather large," said Max Gannon, cyber intelligence team manager at Cofense.
"The installation and usage of a program that is resource intensive can also help to disguise other ongoing background activity. The use of a legitimate program, cleanup utilities, running in memory, and persistence mechanisms all indicate that the threat actors distributing this malware intend it for long term persistence and use."
Emma Woollacott is a freelance journalist writing for publications including the BBC, Private Eye, Forbes, Raconteur and specialist technology titles.