A fake version of the Claude AI website offers a malicious Claude-Pro Relay download that pushes a previously undocumented backdoor for Windows named Beagle.
The threat actor advertises Claude-Pro as a "high-performance relay service designed specifically for Claude-Code" developers.
The fake website is a simplistic attempt at mimicking the legitimate site of the popular Claude large language model (LLM) and AI assistant, using similar colors and fonts.
However, the facade falls apart when it comes to links, as they are mere redirects to the front page, researchers at cybersecurity company Sophos say in a report today.
Fake Claude AI website
Source: Sophos
Users landing on "claude-pro[.]com" who fail to see through the deception can only click on a large download button for the malicious resource, a 505MB archive named 'Claude-Pro-windows-x64.zip' that contains an MSI installer allegedly for the Claude-Pro Relay product.
Sophos says that running the installer drops three files into the Startup folder: NOVupdate.exe, NOVupdate.exe.dat, and avk.dll.
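The three Startup-folder file names above are the most direct host-level indicator the article gives. The following script is an added example, not code from the article or from Sophos: it sweeps the per-user and all-users Startup folders on Windows, flags those exact names, and reports "confirmed" only when all three appear together. The secondary heuristic (an .exe with a same-named .dat beside it in Startup) is an assumption of this example, not a finding stated in the article, and is reported separately so an analyst can weigh it.

```python
"""Sweep Windows Startup folders for the persistence artifacts named in the article.

Added example: indicator names come from the Sophos report as quoted above; the
exe/.dat pairing heuristic and the verdict labels are this script's own assumptions.
"""
import os
from pathlib import Path
from typing import Iterable, Optional

# File names reported as dropped into the Startup folder by the fake installer.
BEAGLE_STARTUP_ARTIFACTS = frozenset({"novupdate.exe", "novupdate.exe.dat", "avk.dll"})

# Name of the downloaded archive reported in the article (matched case-insensitively).
DROPPER_ARCHIVE = "claude-pro-windows-x64.zip"


def startup_folders() -> list:
    """Per-user and all-users Startup folders, resolved from the usual env vars.

    Returns an empty list off Windows, where those variables are normally unset."""
    candidates = []
    appdata = os.environ.get("APPDATA")
    programdata = os.environ.get("ProgramData")
    if appdata:
        candidates.append(Path(appdata) / "Microsoft/Windows/Start Menu/Programs/Startup")
    if programdata:
        candidates.append(Path(programdata) / "Microsoft/Windows/Start Menu/Programs/StartUp")
    return candidates


def classify(names: Iterable[str]) -> dict:
    """Classify one Startup-folder listing (a list of file names).

    'confirmed'  : all three reported artifacts are present together
    'suspicious' : some artifacts present, or an .exe has a same-named .dat beside it
    'clean'      : nothing of interest
    """
    lowered = {n.lower() for n in names}
    hits = sorted(lowered & BEAGLE_STARTUP_ARTIFACTS)
    # Heuristic assumed by this example, not taken from the article: an executable
    # accompanied by "<name>.exe.dat" in a Startup folder is worth a second look.
    exe_dat_pairs = sorted(n for n in lowered if n.endswith(".exe") and n + ".dat" in lowered)
    if len(hits) == len(BEAGLE_STARTUP_ARTIFACTS):
        verdict = "confirmed"
    elif hits or exe_dat_pairs:
        verdict = "suspicious"
    else:
        verdict = "clean"
    return {"verdict": verdict, "indicators": hits, "exe_dat_pairs": exe_dat_pairs}


def sweep(folders: Optional[Iterable] = None) -> list:
    """Classify every existing folder in `folders` (defaults to the Startup folders)."""
    results = []
    for folder in (folders if folders is not None else startup_folders()):
        folder = Path(folder)
        if not folder.is_dir():
            continue  # skip folders that do not exist on this host
        result = classify(p.name for p in folder.iterdir())
        result["folder"] = str(folder)
        results.append(result)
    return results


def find_dropper_archives(paths: Iterable[str]) -> list:
    """Return the paths (e.g. from a Downloads listing) whose file name matches the archive."""
    return [p for p in paths if Path(p).name.lower() == DROPPER_ARCHIVE]


if __name__ == "__main__":
    for report in sweep():
        print(report)
```

Run it as an unprivileged user to check the current profile; the all-users folder under ProgramData is read as well when the variable is set. The "confirmed" verdict deliberately requires all three names, since any one of them in isolation could be a coincidence.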
The campaign was initially discovered by Malwarebytes, whose researchers say that the 'Pro' installer is a trojanized copy of Claude that works as expected but deploys a PlugX malware chain in the background, giving attackers remote access to the system.
Looking closer at the campaign, Sophos discovered that the first-stage payload was DonutLoader, which fetched "a relatively simple backdoor" the researchers call Beagle, with a limited set of commands: