Hackers Distribute Claude Code Leak Bundled With Infostealer Malware on GitHub
After Anthropic accidentally made the source code for its popular AI coding tool Claude Code public, hackers quickly weaponized the leak by posting it on GitHub bundled with infostealer malware.
The Claude Code Leak
Earlier this week, a security researcher discovered that Anthropic had inadvertently published the source code of Claude Code — the company's widely-used vibe-coding tool that lets developers write software through natural language conversations. The code was meant to be proprietary.
Malware Campaign
Hackers seized the opportunity almost immediately:
- Fake GitHub repositories were created claiming to host the leaked Claude Code source
- Infostealer malware was embedded within the repositories
- Unsuspecting developers who downloaded the "leaked code" also installed malware designed to steal credentials, browser data, and other sensitive information
Security Roundup
This incident was part of a broader week of security events:
- FBI wiretap hack: The FBI disclosed that a recent hack of its wiretap tools poses a national security risk
- Cisco source code stolen: Attackers stole Cisco source code as part of an ongoing supply chain hacking spree
- Apple DarkSword patches: Apple released rare backported patches for iOS 18 after the DarkSword exploitation technique continued to spread, allowing attackers to infect iPhones simply by visiting compromised websites
- Iran-US cyber tensions: Iran threatened to launch attacks against more than a dozen US tech companies including Apple, Google, and Microsoft
Implications
The Claude Code malware distribution highlights a growing trend: hackers increasingly use leaked or pirated AI tools as delivery vehicles for malware. As AI coding tools gain popularity, security researchers expect more campaigns targeting developers who might be tempted to download "leaked" versions of expensive or proprietary tools.
The incident also raises questions about Anthropic's internal code management practices and whether the company has adequate safeguards to prevent accidental public exposure of proprietary source code.