Skip to content
Tech News
← Back to articles

'InstallFix' Attacks Spread Fake Claude Code Sites

2026-03-09 | original
read original get Cybersecurity USB Drive → more articles
Why This Matters

The spread of 'InstallFix' attacks targeting fake Claude Code sites underscores the growing risks associated with AI tool impersonation and malicious social engineering. These attacks exploit developers' reliance on copy-pasting commands, leading to potential credential theft and security breaches in enterprise environments. This highlights the urgent need for improved cybersecurity awareness and safer development practices in the tech industry.

Key Takeaways

A new variation of the ClickFix technique is capitalizing on the popularity of Anthropic's Claude Code and other AI coding tools.

Researchers at Push Security discovered the threat campaign, which combines malvertising with a social engineering attack. The research team found fake install pages for Claude Code were spreading exclusively through Google-sponsored links for searches such as "Claude Code," "Claude Code install," and "Claude Code CLI."

The cloned installation pages for Anthropic's coding assistant are near-identical to the real thing, Jacques Louw, Push Security co-founder and chief product officer (CPO), explained in a blog post published Friday. But when victims copy the malicious install commands from the clones sites, they deploy the Amatera Stealer malware, which could swipe developers' credentials and give attackers access to enterprise development environments.

While there's nothing revolutionary about this approach, which Push Security calls "InstallFix," Louw explained that attackers have recognized the increased tendency among users to simply copy and paste commands into their systems and execute them. The attacks highlight an insecure practice that has, unfortunately, become the norm these days.

Related:VMware Aria Operations Bug Exploited, Cloud Resources at Risk

"There was a time, not that long ago, when pasting a command from a website straight into your terminal was something you'd only try once before some grizzled senior engineer beat it out of you," Louw wrote. "That's because you're effectively handing a website a blank cheque to execute whatever it wants on your system."

ClickFix is a widely used social engineering technique that typically delivers error messages of some kind to convince unsuspecting users to execute malicious commands. The error messages typically feature fake browser updates, but variations of the technique have used everything from phony Blue Screens of Death to audio errors for fake job interviews conducted over videoconferencing.

InstallFix, however, might be the most apt variant yet because it targets a class of user that's probably comfortable with copying and pasting commands. Like many AI coding assistants, Louw explained, Anthropic's recommended install method for Claude Code is pasting and executing a one-line command in a system terminal.

And it's not just AI-coding assistants; Louw wrote that hundreds of the most popular developer and command-line interface (CLI) tools ship with the same installation instructions. Attackers know that this has become a standard practice and are now exploiting it.

Related:AI Agent Overload: How to Solve the Workload Identity Crisis

... continue reading

Explore topics: anthropic claude code push security amatera stealer installfix
Related:
Asking AI for medical advice? There's a right and wrong way, one doctor explains
The Backlash Against AI Devices That Are Always Watching
Staff complain that xAI is flailing because of constant upheaval
‘Not built right the first time’ — Musk’s xAI is starting over again, again
Anthropic’s forced removal from the U.S. government is threatening critical AI nuclear safety research

© 2026 GoKawiil

About | Editorial Policy | Contact