Cybercriminals Weaponized Claude.ai Shared Chats to Deliver Credential-Stealing Malware
Source: https://www.trendmicro.com/en_us/research/26/f/claudeai-shared-chat-abused-in-malvertising.html
Executive Briefing
- Exploited Google Ads targeting AI developer tool searches to funnel over 2,000 victims toward malicious ClickFix download pages
- Impersonated six AI brands including Claude, ChatGPT Codex, and Cursor IDE across 106 unique malicious hostnames over seven weeks
- Escalated tactics by hosting malicious social engineering instructions directly on claude.ai's legitimate shared chat feature
- Asia-Pacific region accounted for 67.2% of victims, with Taiwan alone representing 30.5%, indicating deliberate geographic ad targeting
- Anthropic banned responsible accounts and disabled malicious chats after being notified by Trend Micro researchers