
Fake Claude Code leak repos on GitHub are pushing Vidar malware at people hunting for Anthropic’s exposed source code.
Threat actors are capitalizing on the recent exposure of Anthropic’s Claude Code source to lure curious developers into downloading malware from fake GitHub repositories. The campaign piggybacks on the intense interest that followed the March 31 packaging mistake, when a source map in the npm release exposed more than 500,000 lines of readable TypeScript tied to the terminal-based coding agent.
That visibility appears to have created ideal conditions for opportunistic abuse. Security researchers say attackers quickly reframed the leak as a scarce, “unlocked” or unrestricted build, using GitHub as the staging ground for booby-trapped downloads aimed at users searching for the exposed code.
According to Zscaler, one malicious repository promoted a supposed Claude Code leak with claims of “enterprise features” and no usage limits. The listing was tuned to surface prominently in Google results for queries related to the leak, giving the operation an extra layer of credibility precisely as public curiosity peaked.
This scenario shows that attackers no longer rely strictly on social engineering inside the payload. Instead, they prefer to optimize discovery itself by inserting malicious infrastructure into the path users take while chasing a breaking cybersecurity event.
Researchers say victims who retrieved the archive received a Rust-based executable named ClaudeCode_x64.exe. Once launched, it reportedly deployed the Vidar infostealer together with GhostSocks, a tool used to proxy network traffic, and the archive was being updated frequently enough to suggest the campaign could evolve further.
A second repository with similar code was also spotted, indicating the same operator may be testing multiple delivery routes. This pattern is not unheard of: attackers frequently move quickly during high-profile leaks, vulnerability disclosures or exploit trends, because these events create search demand they can easily hijack.
The weaponization of Anthropic’s leak is only one example of how threat actors can capitalize on surging interest in controversial topics. It also demonstrates why caution alone is not always enough.
Using dedicated tools like Bitdefender Ultimate Security can protect you from similar scenarios by helping detect malicious files, blocking suspicious activity and reducing the chances that a lure disguised as a developer tool turns into a fully-fledged compromise.
Vlad's love for technology and writing created rich soil for his interest in cybersecurity to sprout into a full-on passion. Before becoming a Security Analyst, he covered tech and security topics.