InstallFix Claude Code malvertising campaign
Campaign
Summary
Hide ▲
Show ▼
InstallFix is being used in an active malvertising operation that pushes cloned Claude Code install pages and malicious CLI instructions, putting users who search for installation help at risk of malware delivery and credential theft. The campaign matters because the lure is designed to look legitimate while redirecting victims through promoted search results and fake documentation. It targets a specific developer-oriented query set, making the operation both focused and scalable.
Related Happenings
Fake Claude Code installation-page infostealer campaign targeting developers
Campaign
First: 11.05.2026 17:00
Last: 11.05.2026 17:00
Sources 1
About this happening:
A **fake Claude Code** installer campaign is using **sponsored search results** and **operator-controlled domains** to deliver an **infostealer** to **developer workstations**, pu...
Fake Claude Code installation-page infostealer campaign targeting developers
CampaignAbout this happening: A **fake Claude Code** installer campaign is using **sponsored search results** and **operator-controlled domains** to deliver an **infostealer** to **developer workstations**, pu...
Fake Claude PlugX phishing campaign
Campaign
First: 13.04.2026 12:52
Last: 13.04.2026 12:52
Sources 1
About this happening:
A **February** phishing campaign used a **fake Claude website** and **fake meeting invitations** to deliver **PlugX** malware to recipients, turning a popular AI brand into a malw...
Fake Claude PlugX phishing campaign
CampaignAbout this happening: A **February** phishing campaign used a **fake Claude website** and **fake meeting invitations** to deliver **PlugX** malware to recipients, turning a popular AI brand into a malw...
Latest development: 07.05.2026 13:02
A fake Claude AI site at claude-pro[.]com distributed Claude-Pro-windows-x64.zip, which drops NOVupdate.exe, NOVupdate.exe.dat, and avk.dll to sideload DonutLoader and load the Beagle backdoor on Windows. The backdoor uses license[.]claude-pro[.]com for command-and-control over TCP 443 and/or UDP 8080, and related Beagle samples were submitted to VirusTotal between February and April this year.
Claude Code leak GitHub Vidar lure campaign
Campaign
First: 02.04.2026 23:30
Last: 02.04.2026 23:30
Sources 1
About this happening:
A **malicious GitHub repository campaign** is abusing the **Claude Code leak** to deliver **Vidar** to users searching for leaked code. The lure uses a **fake leak**, **search-eng...
Claude Code leak GitHub Vidar lure campaign
CampaignAbout this happening: A **malicious GitHub repository campaign** is abusing the **Claude Code leak** to deliver **Vidar** to users searching for leaked code. The lure uses a **fake leak**, **search-eng...
OpenClaw fake installer GitHub campaign promoted by Bing AI
Campaign
First: 06.03.2026 00:37
Last: 06.03.2026 00:37
Sources 1
About this happening:
A **last month** campaign used **fake OpenClaw installers** on **GitHub** and **Bing AI**-promoted search results to push **malware loaders** and **infostealers** to people trying...
OpenClaw fake installer GitHub campaign promoted by Bing AI
CampaignAbout this happening: A **last month** campaign used **fake OpenClaw installers** on **GitHub** and **Bing AI**-promoted search results to push **malware loaders** and **infostealers** to people trying...
Latest development: 09.03.2026 20:31
A malicious npm package named @openclaw-ai/openclawai, uploaded on March 3, 2026, masquerades as an OpenClaw installer and uses a postinstall hook to launch scripts/setup.js, display a fake CLI and iCloud Keychain prompt, and fetch a second-stage payload from trackpipe[.]dev. The chain installs a persistent RAT internally identified as GhostLoader and steals macOS Keychain data, browser credentials, crypto wallets, SSH keys, Apple Notes, iMessage history, Safari history, and Mail data before exfiltrating a tar.gz archive through the C2 server, Telegram Bot API, and GoFile.io.
OAuth-phished ZIP/LNK/PowerShell malware delivery chain
Malware Activity
First: 03.03.2026 11:20
Last: 03.03.2026 11:20
Sources 1
About this happening:
**ZIP-delivered malware** now uses a **PowerShell** and **DLL side-loading** chain to infect Windows devices and reach an external **C2 server**, increasing the risk of follow-on...
OAuth-phished ZIP/LNK/PowerShell malware delivery chain
Malware ActivityAbout this happening: **ZIP-delivered malware** now uses a **PowerShell** and **DLL side-loading** chain to infect Windows devices and reach an external **C2 server**, increasing the risk of follow-on...
Timeline
-
06.03.2026 17:00 2 articles · 2mo ago
InstallFix malvertising against Claude Code
Initial DisclosureThreat actors used InstallFix, a new ClickFix variation, to push cloned Claude Code installation pages through Google Ads malvertising and lure users into running malicious CLI install commands that retrieve payloads from attacker-controlled endpoints, including a chain that launches mshta.exe and delivers the Amatera info-stealer. The fake pages mirrored legitimate layout and documentation while redirecting only the install instructions to malicious infrastructure, and the activity also appeared on legitimate hosting platforms such as Cloudflare Pages, Squarespace, and Tencent EdgeOne.
Show sources
- Fake Claude Code install guides push infostealers in InstallFix attacks — www.bleepingcomputer.com — 06.03.2026 17:00
- Fake Claude Code install guides push infostealers in InstallFix attacks — www.bleepingcomputer.com — 06.03.2026 17:00