Fake Claude AI Installer Campaign Distributes PlugX Malware via Phishing
Date: 2026-04-22
Tags: malware, malicious-tool
Executive Summary
A fake Claude AI installer impersonating Anthropic spreads PlugX malware on Windows, using DLL sideloading to gain persistent remote access to infected systems. Researchers at Malwarebytes found a malicious campaign in which scammers exploit the popularity of Anthropic's AI tool Claude to distribute malware. The attackers built a fake website that closely imitates Anthropic's official site and offers a Pro version of the tool for Windows to lure visitors into downloading a malicious file.
Campaign Summary
| Field | Detail |
|---|---|
| Campaign / Malware | Claude AI Pro Installer Phishing Campaign |
| Attribution | Unknown (Financially Motivated Threat Actor) (confidence: low) |
| Target | Windows users seeking Claude AI Pro software; development teams using Claude |
| Vector | Phishing emails linking to fake Anthropic website distributing trojanized Claude installer package |
| Status | active |
| First Observed | 2026-04-05 |
Detailed Findings
The scam begins once the user, led to the site by a phishing email, downloads an archive named Claude-Pro-windows-x64.zip. Inside is an MSI installer that places a shortcut called Claude AI.lnk on the desktop; clicking it runs a VBScript. The script first launches the genuine Claude application to keep the user distracted and at the same time installs the PlugX malware, which lets the attackers remotely control the compromised device. Researchers observed the attackers using Kingmailer on 28 March 2026 and switching to CampaignLark on 5 April 2026 to distribute the phishing emails. A simple spelling mistake gives the fake away: the attackers created a folder named 'Cluade' instead of 'Claude' at C:\Program Files (x86)\Anthropic\Claude\Cluade.
MITRE ATT&CK Mapping
| Technique | ID | Context |
|---|---|---|
| Phishing | T1566 | Phishing emails directing users to fake Anthropic download site |
| Execution | T1204 | User execution of malicious VBScript via desktop shortcut |
| DLL Sideloading | T1574.001 | PlugX malware leverages DLL sideloading for persistence |
IOCs
Domains
_No specific IOCs published; detection signatures recommended for PlugX family and associated infrastructure_
Full URL Paths
_No specific IOCs published; detection signatures recommended for PlugX family and associated infrastructure_
Splunk Format
_No IOCs available for Splunk query_
Package Indicators
Claude-Pro-windows-x64.zip
Detection Recommendations
- Alert on downloads of Claude-Pro-windows-x64.zip or variants.
- Monitor for installation of files to C:\Program Files (x86)\Anthropic\Claude\Cluade.
- Detect PlugX malware signatures (NOVUpdate.exe, avk.dll in Startup folders).
- Block Kingmailer and CampaignLark infrastructure IPs at the email gateway.
- Implement YARA rules for PlugX DLL sideloading patterns.
- Educate users to download only from the official claude.ai domain.
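Detection logic for the host-side indicators above, as an added example that is not from the report or from Malwarebytes: it scans Sysmon-style process and file events (the field names Image, CommandLine, TargetFilename and ParentImage are an assumption) for the trojanized archive name, the misspelled 'Cluade' install directory, NOVUpdate.exe or avk.dll landing in a Startup folder, and a script host launched from the shell with a .vbs argument, as the desktop shortcut does. The sample events and the script filename run.vbs are constructed.

```python
import re

# Indicators taken from the report; the Sysmon-style field names are an assumption.
PACKAGE_RE = re.compile(r"claude-pro-[\w-]*\.zip$", re.I)   # archive name and variants
MISSPELLED_DIR = r"\anthropic\claude\cluade"                # 'Cluade' typo from the report
STARTUP_DIR = "\\start menu\\programs\\startup\\"
SIDELOAD_FILES = {"novupdate.exe", "avk.dll"}              # PlugX loader / sideloaded DLL
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}

def match_event(ev: dict) -> list:
    """Return the names of every indicator this single event trips."""
    hits = []
    target = ev.get("TargetFilename", "").lower()
    image = ev.get("Image", "").lower()
    cmd = ev.get("CommandLine", "").lower()
    parent = ev.get("ParentImage", "").lower()
    if PACKAGE_RE.search(target):
        hits.append("trojanized_package_download")
    if any(MISSPELLED_DIR in s for s in (target, image, cmd)):
        hits.append("misspelled_install_dir")
    if STARTUP_DIR in target and target.rsplit("\\", 1)[-1] in SIDELOAD_FILES:
        hits.append("plugx_startup_artifact")
    # Heuristic: script host spawned by the shell to run a .vbs, as the LNK does.
    if image.rsplit("\\", 1)[-1] in SCRIPT_HOSTS and ".vbs" in cmd and parent.endswith("\\explorer.exe"):
        hits.append("lnk_launched_vbscript")
    return hits

def scan(events) -> list:
    """Return (event index, hits) for every event that tripped at least one rule."""
    return [(i, h) for i, ev in enumerate(events) if (h := match_event(ev))]

# Constructed sample events; these are not real telemetry from the campaign.
SAMPLE_EVENTS = [
    {"EventID": 11, "TargetFilename": r"C:\Users\alice\Downloads\Claude-Pro-windows-x64.zip"},
    {"EventID": 11, "TargetFilename": r"C:\Program Files (x86)\Anthropic\Claude\Cluade\run.vbs"},
    {"EventID": 1, "Image": r"C:\Windows\System32\wscript.exe",
     "CommandLine": r'wscript.exe "C:\Program Files (x86)\Anthropic\Claude\Cluade\run.vbs"',
     "ParentImage": r"C:\Windows\explorer.exe"},
    {"EventID": 11, "TargetFilename": r"C:\Users\alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\avk.dll"},
    {"EventID": 11, "TargetFilename": r"C:\Users\alice\Downloads\report.pdf"},
    {"EventID": 1, "Image": r"C:\Program Files\Claude\Claude.exe", "CommandLine": "Claude.exe",
     "ParentImage": r"C:\Windows\explorer.exe"},
]

if __name__ == "__main__":
    for idx, hits in scan(SAMPLE_EVENTS):
        print(idx, hits)
```

The genuine Claude launch (last sample event) trips nothing, so the rules key on the campaign's artifacts rather than on the legitimate application.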
References
- [Malwarebytes / Hackread] Fake Claude AI Installer Targets Windows Users with PlugX Malware (2026-04-15) — https://hackread.com/fake-claude-ai-installer-plugx-malware-windows-users/