Claude Code Leak Fuels Vidar Infostealer Campaign via Fake GitHub Repos
What Happened — Threat actors capitalized on Anthropic's accidental public exposure of the Claude Code source code by publishing counterfeit GitHub repositories, presented as copies of the leaked source, that host a malicious 7‑Zip archive. Running the bundled ClaudeCode_x64.exe, a Rust‑based dropper, installs the Vidar information‑stealer and the GhostSocks proxy malware, which turns the infected host into a relay for attacker traffic. The leaked source itself is not malicious; the damage comes from the lure it provides.
Why It Matters for TPRM —
- A high‑profile AI coding tool becomes a lure for supply‑chain‑style malware distribution, expanding the attack surface of any organization whose staff download third‑party code from unofficial sources.
- The campaign shows how quickly a code leak can be weaponized, underscoring the need to verify the origin and integrity of open‑source assets rather than trusting repository names or star counts.
- Vidar exfiltrates credentials, browser data, session tokens, and cryptocurrency wallets, posing direct data‑loss and financial‑theft risks to downstream vendors and customers; GhostSocks additionally lets attackers route traffic through the victim's network.
Who Is Affected — Technology / SaaS firms, AI‑tool providers, software development teams, and any downstream customers that may download or integrate Claude Code artifacts.
Recommended Actions —
- Block downloads of the malicious ClaudeCode_x64.exe and related archives from unverified GitHub sources, and obtain Claude Code only through Anthropic's official distribution channels.
- Enforce SBOM checks and provenance verification (registry integrity hashes, signed releases) for all third‑party code, especially AI‑related tooling and libraries.
- Monitor threat intelligence for new “leak‑bait” repositories impersonating the leaked project, and update endpoint detection rules for Vidar and GhostSocks signatures and behaviours.
- Educate developers and procurement teams on the risks of downloading “unofficial” releases of high‑profile tools, particularly prebuilt executables for projects that are distributed as source or via a package manager.
Technical Notes — The attack vector is a malicious GitHub repository (search‑engine optimized so that it ranks for searches about the leak) delivering a Rust‑based dropper that installs Vidar and GhostSocks. No CVE is involved; the root cause is the accidental inclusion of a 59.8 MB JavaScript source map in an npm package, which exposed 513 k lines of the original TypeScript. A source map in a published package is a recurring class of leak: it embeds the pre‑build source, so anything excluded from the bundle for a reason ships anyway. Source: BleepingComputer
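The two checks above (scanning a package for contents that should never ship, and matching a downloaded artifact to the hash the registry published) can be automated. The script below is an added example written for this summary; it is not Anthropic's, npm's, or BleepingComputer's code. It uses Python's standard tarfile module to inspect an npm‑layout tarball, flags source maps, Windows executables and oversized members, and compares the tarball's SHA‑512 against an expected integrity string in the "sha512-<base64>" form the npm registry publishes as dist.integrity. The suffix list and size limit are assumed policy values, and the sample tarballs are constructed inline.

```python
"""Pre-publish / pre-install scan of an npm-style tarball.

Added example (not Anthropic's, npm's, or BleepingComputer's code). It
demonstrates two checks the advisory motivates:
  1. contents: flag files that should never ship in a source package, such
     as .map source maps (the leak vector here) or Windows executables (the
     payload vector here), plus abnormally large members;
  2. provenance: compare the tarball's SHA-512 against an expected SRI
     string in the "sha512-<base64>" form the npm registry publishes as
     dist.integrity, so a downloaded artifact can be matched to the one
     the registry served.
The sample tarballs and their file lists are constructed inline.
"""
import base64
import hashlib
import hmac
import io
import tarfile

# Assumed policy values, not from the advisory: adjust to local needs.
RISKY_SUFFIXES = (".map", ".exe", ".dll", ".scr", ".bat", ".cmd", ".ps1")
SIZE_LIMIT = 20 * 1024 * 1024  # bytes; the leaked source map was ~59.8 MB


def build_tarball(files):
    """Build an npm-layout tar.gz (members under package/) from {name: bytes}."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo("package/" + name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def sri_sha512(data):
    """SRI string for data, same form as npm's dist.integrity."""
    return "sha512-" + base64.b64encode(hashlib.sha512(data).digest()).decode()


def scan_tarball(data, expected_integrity=None, size_limit=SIZE_LIMIT):
    """Return a list of findings; an empty list means the tarball passed."""
    findings = []
    if expected_integrity is not None:
        actual = sri_sha512(data)
        # Constant-time compare; a mismatch means this is not the registry's artifact.
        if not hmac.compare_digest(actual, expected_integrity):
            findings.append(f"integrity mismatch: expected {expected_integrity}, got {actual}")
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:gz") as tar:
        for member in tar.getmembers():
            if not member.isfile():
                continue
            if member.name.lower().endswith(RISKY_SUFFIXES):
                findings.append(f"risky file: {member.name}")
            if member.size > size_limit:
                findings.append(f"oversized member: {member.name} ({member.size} bytes)")
    return findings


if __name__ == "__main__":
    # Constructed samples: a clean package and one shipping a source map and an .exe.
    clean = build_tarball({"package.json": b"{}", "cli.js": b"console.log('hi')"})
    print("clean:", scan_tarball(clean, sri_sha512(clean)))
    tainted = build_tarball({
        "package.json": b"{}",
        "cli.js": b"console.log('hi')",
        "cli.js.map": b'{"version":3,"sourcesContent":["// original TypeScript"]}',
        "ClaudeCode_x64.exe": b"MZ\x90\x00",
    })
    print("tainted:", scan_tarball(tainted))
```

For a real package the expected integrity string comes from the registry metadata (npm view <pkg> dist.integrity) and the tarball from npm pack or the download, so the comparison is between what the registry says it served and what actually arrived; the contents scan is equally useful on the publisher side, run against the output of npm pack before a release goes out.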