- Hackers exploit Claude Code leak with fake GitHub repos
- Malicious files deploy Vidar infostealer and GhostSocks proxy malware
- Anthropic faces increasing scrutiny amid recent vulnerabilities and rapid product rollout
Hackers have jumped on the recent news of a major leak of Claude Code source code to trick people into infecting their computers with an infostealer malware.
A few days ago, an Anthropic employee accidentally leaked the source code for Claude Code in what the company confirmed was not the act of a malicious insider or third party, but rather an accident.
People quickly picked up on it and backed up the leak in a GitHub repository, which has since been split tens of thousands of times, and now cybercriminals are exploiting it.
The article continues below
Provides Vidar and GhostSocks
Security researchers Zscaler said they observed malicious GitHub repositories, published by a user named ‘dbzoomh’, that claimed to be Claude Code’s source code with “unlocked enterprise features” and no usage restrictions.
The hacker even optimized the repository for search engines and apparently succeeded in what most marketing agencies dream of – hitting the first page of Google for “leaked Claude Code” and similar search queries.
Zscaler said the repository has a 7-Zip archive that contains an executable named ClaudeCode_x64.exe. It was built in Rust and, when launched, implements Vidar and GhostSocks.
Vidar is an extremely powerful known info stealer capable of capturing browser data (cookies, saved passwords and more), saved passwords, cryptocurrency wallet data and other vital files. GhostSocks, on the other hand, is a proxy malware that turns infected machines into residential proxies. Criminals use these proxies to route malicious traffic and often sell it as a service.
Speed or safety?
According to Zscaler, the malicious archive is constantly updated, suggesting that the payloads may change in the future. They also said they saw another GitHub repository with identical code. However, this one shows a defunct “Download ZIP” button, leading the researchers to conclude that the attackers were playing with different deployment mechanisms.
The account pushing the malicious update has since been removed from the platform, and the GitHub page shows a 404 error message.
Anthropic has been shipping new products at high speed, apparently at the expense of safety. In the last few weeks, we’ve had several stories about Claude being vulnerable to instant injection and similar attacks.
On March 27, 2026, security researchers Koi Security found a major flaw in Claude Code’s Google Chrome extension that enabled zero-click attacks. Dubbed ShadowPrompt, the vulnerability could have allowed malicious actors to exfiltrate sensitive data.
A few days before, on March 19, security researchers reported to Oasis that they found three vulnerabilities in Claude that, when used together, form a complete attack chain – from targeted victim delivery to exfiltration of sensitive data. The researchers dubbed it Cloudy Day and revealed the responsibility to Anthropic, which quickly addressed it.
Still, the platform’s popularity is skyrocketing. The same day ShadowPrompt was discovered, Anthropic was forced to throttle its tools during peak hours to cope with the surge in demand. “To handle the growing demand for Claude, we are adjusting our 5 hour session limits for Free/Pro/Max subscriptions during peak hours. Your weekly limits will remain unchanged,” said Thariq Shihipar, an engineer working on Claude Code, in a post on X.
Via Bleeping Computer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
