Beware of 'InstallFix' Attacks: Fake Claude Code Sites Spreading Malware
Executive Summary
In March 2026, a cyberattack campaign known as 'InstallFix' targeted developers by creating fake installation pages for Anthropic's Claude Code, an AI coding assistant. These counterfeit sites, promoted through Google-sponsored ads, closely mimicked legitimate pages and instructed users to execute malicious commands in their terminals. This led to the deployment of Amatera Stealer malware, which harvested sensitive information such as browser credentials and cryptocurrency wallets, potentially compromising enterprise development environments.
This incident underscores the growing trend of attackers exploiting the widespread practice of copying and pasting commands from online sources. It highlights the urgent need for heightened vigilance and verification of software installation sources to prevent similar social engineering attacks.
Why This Matters Now
The 'InstallFix' campaign highlights the increasing sophistication of social engineering attacks targeting developers, emphasizing the critical need for verifying software sources and installation commands to prevent unauthorized access and data breaches.
Attack Path Analysis
Attackers utilized malvertising to direct users to cloned installation pages of Anthropic's Claude Code, where they replaced legitimate install commands with malicious ones, leading to the execution of Amatera Stealer malware. Once executed, Amatera Stealer employed advanced evasion techniques to escalate privileges and gain deeper access to the system. The malware then moved laterally within the network, targeting additional systems and resources. It established command and control channels using direct NTSockets, bypassing standard Windows networking APIs to evade detection. Sensitive data, including browser credentials and cryptocurrency wallets, were exfiltrated through encrypted channels to attacker-controlled servers. The attack culminated in the potential for significant data theft and system compromise, impacting organizational operations and data integrity.
Kill Chain Progression
Initial Compromise
Description
Attackers used malvertising to lure users to cloned installation pages of Anthropic's Claude Code, where malicious install commands led to the execution of Amatera Stealer malware.
MITRE ATT&CK® Techniques
Spearphishing Attachment
Web Protocols
Windows Command Shell
File and Directory Discovery
LSASS Memory
Screen Capture
Exfiltration Over C2 Channel
Potential Compliance Exposure
Mapping incident impact across multiple compliance frameworks.
PCI DSS 4.0 – Ensure all system components are protected from known vulnerabilities
Control ID: 6.2
NYDFS 23 NYCRR 500 – Cybersecurity Policy
Control ID: 500.03
DORA – ICT Risk Management Framework
Control ID: Article 5
CISA ZTMM 2.0 – User Identity and Access Management
Control ID: 2.1
NIS2 Directive – Cybersecurity Risk Management Measures
Control ID: Article 21
Sector Implications
Industry-specific impact of the vulnerabilities, including operational, regulatory, and cloud security risks.
Computer Software/Engineering
High risk from InstallFix infostealer targeting AI coding tools like Claude Code through malicious command injection, compromising developer credentials and enterprise development environments.
Information Technology/IT
Critical exposure to Amatera Stealer through fake AI tool installations, enabling lateral movement and data exfiltration across IT infrastructure via compromised developer access.
Financial Services
Severe threat from credential theft targeting AI-assisted development workflows, potentially exposing sensitive financial systems through compromised developer accounts and inadequate egress controls.
Health Care / Life Sciences
Significant HIPAA compliance risk from infostealer attacks on healthcare development teams using AI coding assistants, threatening patient data through compromised development environments.
Sources
- 'InstallFix' Attacks Spread Fake Claude Code Siteshttps://www.darkreading.com/cloud-security/installfix-attacks-fake-claude-codeVerified
- Fake Claude Code install pages deliver Amatera Stealer through Google Adshttps://anonhaven.com/en/news/fake-claude-code-amatera-stealer-installfix/Verified
- Cloned AI Tool Sites Distribute Malware in 'InstallFix' Campaignhttps://www.securityweek.com/cloned-ai-tool-sites-distribute-malware-in-installfix-campaign/Verified
- Fake Claude Code install pages hit Windows and Mac users with infostealershttps://www.malwarebytes.com/blog/news/2026/03/fake-claude-code-install-pages-hit-windows-and-mac-users-with-infostealersVerified
Frequently Asked Questions
Cloud Native Security Fabric Mitigations and ControlsCNSF
Aviatrix Zero Trust Cloud Native Security Fabric (CNSF) is pertinent to this incident as it could have constrained the attacker's ability to escalate privileges, move laterally, and exfiltrate data by enforcing strict segmentation and identity-aware policies.
Control: Cloud Native Security Fabric (CNSF)
Mitigation: The initial compromise may have been limited by CNSF's ability to enforce strict identity-based access controls, potentially reducing the likelihood of unauthorized software execution.
Control: Zero Trust Segmentation
Mitigation: Privilege escalation attempts could have been constrained by Zero Trust Segmentation, which may have limited the malware's ability to access higher-privilege resources.
Control: East-West Traffic Security
Mitigation: Lateral movement may have been limited by East-West Traffic Security, which could have restricted unauthorized inter-system communications.
Control: Multicloud Visibility & Control
Mitigation: Command and control communications could have been constrained by Multicloud Visibility & Control, which may have detected and restricted anomalous outbound connections.
Control: Egress Security & Policy Enforcement
Mitigation: Data exfiltration attempts may have been limited by Egress Security & Policy Enforcement, which could have restricted unauthorized data transfers.
The overall impact of the attack could have been reduced by the cumulative effect of CNSF controls, which may have limited the attacker's ability to escalate privileges, move laterally, and exfiltrate data.
Impact at a Glance
Affected Business Functions
- Software Development
- IT Infrastructure
- Data Security
Estimated downtime: 3 days
Estimated loss: $50,000
Potential exposure of developer credentials, access tokens, and sensitive project data.
Recommended Actions
Key Takeaways & Next Steps
- • Implement Egress Security & Policy Enforcement to monitor and control outbound traffic, preventing unauthorized data exfiltration.
- • Deploy Inline IPS (Suricata) to detect and block known exploit patterns and malicious payloads during the initial compromise stage.
- • Utilize Zero Trust Segmentation to enforce least privilege access, limiting lateral movement within the network.
- • Enhance Threat Detection & Anomaly Response capabilities to identify and respond to suspicious activities promptly.
- • Educate users on the risks of copying and executing commands from unverified sources to reduce the likelihood of initial compromise.
