'Threat actors are clearly adapting to the widespread interest in popular AI tools': AI fans beware, hackers create a fake Claude site to spread backdoor malware

• A spoofed site (claude-pro[.]com) delivers poisoned installers that sideload DonutLoader and the Beagle backdoor
• The operation mimics legitimate Claude software, likely tied to PlugX operators using DLL sideloading
• Researchers warn of malicious ads and SEO poisoning, urging users to verify links before downloading

If you’re looking to download the Claude client on Windows, be careful, because there are fake and malicious versions out there looking to exploit interest in new AI models.

Security researchers from Sophos have flagged how one such alleged Claude Pro offering led them to a website “claude-pro[.]com”. The site itself was built to look identical to the legitimate claude.ai official website, but the researchers determined it was fake rather quickly, as none of the links or buttons on the site, aside from the download one, worked - all redirecting back to the homepage.

Those who didn’t spot the ...