All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Security
Security
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

Fake Claude Code Installers on Google Sites Steal Credentials via ClickFix Attack

By

Tushar Subhra Dutta

1mo ago· 5 min readenNews

Summary

Cybercriminals are exploiting the popularity of AI developer tools like Claude Code and OpenAI Codex by hosting fake installer pages on trusted Google Sites infrastructure. The campaign uses a ClickFix technique, tricking victims into running commands that appear to be part of a legitimate setup process but instead steal credentials and sensitive personal data from their devices. No traditional file download occurs, making the attack harder to detect.

Source

bskyFake Claude Code Installers on Google Sites Steal Credentials via ClickFix Attackcybersecuritynews.com

Key quotes

· 4 pulled
Cybercriminals have found a new and clever way to exploit the growing popularity of AI developer tools.
A recently identified campaign uses fake pages mimicking Claude Code and OpenAI Codex, hosted on trusted Google Sites infrastructure, to trick users into running commands that quietly steal their credentials and other sensitive personal data from their devices.
The attack follows a technique known as ClickFix, where victims are shown what looks like a legitimate setup page and told to execute a short command.
There is no file downloaded in the traditional sense.
Snippet from the RSS feed
Cybercriminals have found a new and clever way to exploit the growing popularity of AI developer tools. A recently identified campaign uses fake pages mimicking Claude Code and OpenAI Codex, hosted on trusted Google Sites infrastructure, to trick users in

You might also wanna read

Comments

Sign in to join the conversation.

No comments yet. Be the first.