- Hackers exploit Claude Code leak with fake GitHub repositories
- Malicious files deploy Vidar infostealer and GhostSocks proxy malware
- Anthropic has come under increasing scrutiny due to recent vulnerabilities and a rapid rollout of its products.
Hackers took advantage of the recent news of a major Claude Code source code leak to lure people into infecting their computers with infostealer malware.
A few days earlier, an Anthropic employee accidentally leaked the source code of Claude Code. The company confirmed that the leak was an accident rather than the work of a malicious insider or a third party.
People quickly caught on, saving the leak to a GitHub repository that has already been forked tens of thousands of times, and now cybercriminals are taking advantage.
Delivery of Vidar and GhostSocks
Security researchers at Zscaler said they observed malicious GitHub repositories, posted by a user named “dbzoomh”, that claimed to be the Claude Code source code with “unlocked enterprise features” and no usage restrictions.
The attacker even optimized the repository for search engines, achieving what most marketing agencies can only dream of: a first-page Google ranking for “Claude code leak” and similar queries.
Zscaler said the repository contains a 7-Zip archive holding an executable named ClaudeCode_x64.exe. The binary was written in Rust and, when launched, drops Vidar and GhostSocks.
Vidar is a well-known and highly capable information stealer that harvests browser data (cookies, stored passwords and the like), cryptocurrency wallet data and other sensitive files. GhostSocks is proxy malware that turns infected machines into residential proxies; criminals route malicious traffic through them and often sell the access as a service.
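A source-code archive has no business containing a Windows executable, which is the simplest check a practitioner can run on a download like this before unpacking it. The script below is an added example written for this article, not code from Zscaler or from the page; it builds a constructed sample archive with the file name the report mentions (ClaudeCode_x64.exe) and a stand-in PE stub, then flags members that carry an executable extension or a PE signature, including a PE hidden behind a harmless-looking name. It uses a zip archive because Python's standard library reads zip natively; the real lure used 7-Zip, but the per-member checks are the same once the listing is obtained.

```python
import io
import struct
import zipfile

# Offset of e_lfanew, the 4-byte pointer to the "PE\0\0" header, in a PE file.
PE_HEADER_OFFSET_FIELD = 0x3C
# Extensions that should never appear in a "source code" archive.
EXECUTABLE_SUFFIXES = (".exe", ".dll", ".scr", ".com", ".msi", ".bat", ".cmd", ".ps1")


def looks_like_pe(data: bytes) -> bool:
    """True if the bytes carry a Windows PE signature: an MZ stub whose e_lfanew points at 'PE\\0\\0'."""
    if len(data) < PE_HEADER_OFFSET_FIELD + 4 or data[:2] != b"MZ":
        return False
    e_lfanew = struct.unpack_from("<I", data, PE_HEADER_OFFSET_FIELD)[0]
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


def scan_archive(archive_bytes: bytes) -> list[dict]:
    """Return one finding per suspicious member: executable extension, PE bytes, or both."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            with zf.open(info) as fh:
                head = fh.read(4096)  # the signatures live in the first 4 KiB
            name = info.filename.lower()
            has_exe_suffix = name.endswith(EXECUTABLE_SUFFIXES)
            is_pe = looks_like_pe(head)
            reasons = []
            if has_exe_suffix:
                reasons.append("executable extension")
            if is_pe:
                reasons.append("PE signature")
            if is_pe and not has_exe_suffix:
                reasons.append("PE bytes under non-executable name")
            if reasons:
                findings.append({"name": info.filename, "size": info.file_size, "reasons": reasons})
    return findings


def fake_pe() -> bytes:
    """Constructed stand-in for a PE executable (not real malware): MZ stub, e_lfanew -> 0x40, 'PE\\0\\0' there."""
    stub = bytearray(0x80)
    stub[0:2] = b"MZ"
    struct.pack_into("<I", stub, PE_HEADER_OFFSET_FIELD, 0x40)
    stub[0x40:0x44] = b"PE\x00\x00"
    return bytes(stub)


def build_sample_archive() -> bytes:
    """Constructed sample lure: two source-looking files plus two PE stubs, one of them disguised as an image."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("ClaudeCode/README.md", "# Claude Code (unlocked enterprise features)\n")
        zf.writestr("ClaudeCode/src/cli.ts", "console.log('hello');\n")
        zf.writestr("ClaudeCode/ClaudeCode_x64.exe", fake_pe())
        zf.writestr("ClaudeCode/assets/logo.png", fake_pe())  # PE hidden behind an image name
    return buf.getvalue()


if __name__ == "__main__":
    for finding in scan_archive(build_sample_archive()):
        print(f"{finding['name']} ({finding['size']} bytes): {', '.join(finding['reasons'])}")
```

The extension check alone would miss the disguised member, and the signature check alone would miss a script such as a .bat or .ps1, which is why both run. For a real download, read the archive from disk instead of `build_sample_archive()` and treat any finding as a reason not to extract it.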
Speed or security?
According to Zscaler, the malicious archives are updated constantly, so the payloads could change in the future. The researchers also saw a second GitHub repository with identical code; this one, however, showed an outdated “Download ZIP” button, leading them to conclude that the attackers experimented with different delivery mechanisms.
The account publishing the malicious repository has since been removed from the platform, and the GitHub page now returns a 404 error.
Anthropic ships new products at high speed, apparently at the expense of security. Over the past few weeks there have been several reports that Claude was vulnerable to prompt injection and similar attacks.
On March 27, 2026, researchers at Koi Security disclosed a major flaw in Claude Code’s Google Chrome extension that allowed zero-click attacks. Dubbed ShadowPrompt, the vulnerability could have let attackers exfiltrate sensitive data.
A few days earlier, on March 19, researchers at Oasis Security reported three vulnerabilities in Claude that, chained together, form a complete attack path, from targeted delivery to victims through to exfiltration of sensitive data. They dubbed it Cloudy Day and responsibly disclosed it to Anthropic, which quickly fixed it.
Meanwhile, the platform’s popularity is skyrocketing. On the same day ShadowPrompt was disclosed, Anthropic had to throttle its tools during peak hours to keep up with demand. “To handle the growing demand for Claude, we are adjusting our 5-hour session limits for Free/Pro/Max subscriptions during peak hours. Your weekly limits remain unchanged,” said Thariq Shihipar, an engineer working on Claude Code, in a post on X.
Via BleepingComputer
