Threat Actors Leverage Claude Code Leak as Social Engineering Lure to Distribute Malicious Payloads via GitHub
Cybercriminals are exploiting the Claude Code leak by distributing trojanized versions of the leaked source code through GitHub repositories. These malicious repositories deliver payloads such as Vidar stealer version 18. 7 and the GhostSocks trojan. The campaign leverages social engineering tied to a high-profile security incident to trick victims into deploying malware. Multiple IP addresses, domains, and file hashes have been identified as indicators of compromise. Organizations are advised to implement Zero Trust architecture to mitigate risks from these trojanized AI agents and shadow AI instances. There is no official patch or fix since this is an abuse of leaked code and social engineering rather than a software vulnerability. The threat is assessed as medium severity based on the available information.
AI Analysis
Technical Summary
Threat actors are using the recent Claude Code leak as a social engineering lure to distribute malware via GitHub repositories. They create trojanized versions of the leaked Claude source code that include malicious payloads such as Vidar stealer v18.7 and the GhostSocks trojan. This campaign demonstrates rapid opportunistic exploitation of a high-profile code leak, with compromised GitHub repositories serving as delivery mechanisms. Command and control infrastructure has been identified across multiple IP addresses and domains. The threat does not stem from a software vulnerability but from malicious repackaging and social engineering. Multiple indicators including IPs, domains, URLs, and file hashes have been identified to help detect this activity.
Potential Impact
The impact involves potential compromise of systems that download and execute the trojanized Claude code from malicious GitHub repositories. The delivered malware includes information stealers (Vidar stealer) and trojans (GhostSocks), which can lead to data theft, unauthorized access, and further compromise. The threat leverages social engineering tied to a high-profile AI code leak to increase victim trust and likelihood of execution. There is no direct vulnerability in the original Claude code; the risk arises from malicious actors repackaging and distributing malware under the guise of leaked code.
Mitigation Recommendations
There is no official patch or fix because this threat involves malicious use of leaked code and social engineering rather than a software vulnerability. Organizations should implement Zero Trust architecture principles to reduce risk from shadow AI instances and trojanized agents. Avoid downloading or executing code from untrusted or unofficial GitHub repositories, especially those claiming to contain leaked Claude source code. Monitor for and block known indicators of compromise such as the listed IP addresses, domains, URLs, and file hashes. User education on social engineering risks related to high-profile leaks is also recommended.
Indicators of Compromise
- ip: 94.228.161.88
- hash: 3388b415610f4ae018d124ea4dc99189
- hash: 77c73bd5e7625b7f691bc00a1b561a0f
- hash: 81fb210ba148fd39e999ee9cdc085dfc
- hash: 8660646bbc6bb7dc8f59a764e25fe1fd
- hash: 9a6ea91491ccb1068b0592402029527f
- hash: d8256fbc62e85dae85eb8d4b49613774
- hash: 4c3b9af7995072965e763fca0e472f00b84a8aea
- hash: 7798feb26b98bb11f758d68e10fed0e0d7c78881
- hash: 7942f7097e151f90cb5c9f579042c36133e93306
- hash: dff9ea007c0b24d35fd7393313c64a4b42ed1109
- hash: 06f63fe3eba5a2d1e2177d49f25721c2bdd90f3c46f19e29740899fa908453bf
- hash: 7d5e84dd59165422f31a5a0e53aabba657a6fbccc304e8649f72d49e468ae91a
- hash: afa34c71a45f21d599c0bd90ac9026f68727aab0019c3b378956401475180c9c
- hash: b4554c85f50c56d550d6c572a864deb0442404ddefe05ff27facb3cbfb90b4d6
- ip: 147.45.197.92
- url: https://147.45.197.92:443
- url: https://94.228.161.88:443
- url: https://rti.cargomanbd.com
- domain: rti.cargomanbd.com
Threat Actors Leverage Claude Code Leak as Social Engineering Lure to Distribute Malicious Payloads via GitHub
Description
Cybercriminals are exploiting the Claude Code leak by distributing trojanized versions of the leaked source code through GitHub repositories. These malicious repositories deliver payloads such as Vidar stealer version 18. 7 and the GhostSocks trojan. The campaign leverages social engineering tied to a high-profile security incident to trick victims into deploying malware. Multiple IP addresses, domains, and file hashes have been identified as indicators of compromise. Organizations are advised to implement Zero Trust architecture to mitigate risks from these trojanized AI agents and shadow AI instances. There is no official patch or fix since this is an abuse of leaked code and social engineering rather than a software vulnerability. The threat is assessed as medium severity based on the available information.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Threat actors are using the recent Claude Code leak as a social engineering lure to distribute malware via GitHub repositories. They create trojanized versions of the leaked Claude source code that include malicious payloads such as Vidar stealer v18.7 and the GhostSocks trojan. This campaign demonstrates rapid opportunistic exploitation of a high-profile code leak, with compromised GitHub repositories serving as delivery mechanisms. Command and control infrastructure has been identified across multiple IP addresses and domains. The threat does not stem from a software vulnerability but from malicious repackaging and social engineering. Multiple indicators including IPs, domains, URLs, and file hashes have been identified to help detect this activity.
Potential Impact
The impact involves potential compromise of systems that download and execute the trojanized Claude code from malicious GitHub repositories. The delivered malware includes information stealers (Vidar stealer) and trojans (GhostSocks), which can lead to data theft, unauthorized access, and further compromise. The threat leverages social engineering tied to a high-profile AI code leak to increase victim trust and likelihood of execution. There is no direct vulnerability in the original Claude code; the risk arises from malicious actors repackaging and distributing malware under the guise of leaked code.
Mitigation Recommendations
There is no official patch or fix because this threat involves malicious use of leaked code and social engineering rather than a software vulnerability. Organizations should implement Zero Trust architecture principles to reduce risk from shadow AI instances and trojanized agents. Avoid downloading or executing code from untrusted or unofficial GitHub repositories, especially those claiming to contain leaked Claude source code. Monitor for and block known indicators of compromise such as the listed IP addresses, domains, URLs, and file hashes. User education on social engineering risks related to high-profile leaks is also recommended.
Technical Details
- Author
- AlienVault
- Tlp
- white
- References
- ["https://www.zscaler.com/blogs/security-research/anthropic-claude-code-leak"]
- Adversary
- null
- Pulse Id
- 69dcfb8e8ffc72d13aa8e7fe
- Threat Score
- null
Indicators of Compromise
Ip
| Value | Description | Copy |
|---|---|---|
ip94.228.161.88 | — | |
ip147.45.197.92 | — |
Hash
| Value | Description | Copy |
|---|---|---|
hash3388b415610f4ae018d124ea4dc99189 | — | |
hash77c73bd5e7625b7f691bc00a1b561a0f | — | |
hash81fb210ba148fd39e999ee9cdc085dfc | — | |
hash8660646bbc6bb7dc8f59a764e25fe1fd | — | |
hash9a6ea91491ccb1068b0592402029527f | — | |
hashd8256fbc62e85dae85eb8d4b49613774 | — | |
hash4c3b9af7995072965e763fca0e472f00b84a8aea | — | |
hash7798feb26b98bb11f758d68e10fed0e0d7c78881 | — | |
hash7942f7097e151f90cb5c9f579042c36133e93306 | — | |
hashdff9ea007c0b24d35fd7393313c64a4b42ed1109 | — | |
hash06f63fe3eba5a2d1e2177d49f25721c2bdd90f3c46f19e29740899fa908453bf | — | |
hash7d5e84dd59165422f31a5a0e53aabba657a6fbccc304e8649f72d49e468ae91a | — | |
hashafa34c71a45f21d599c0bd90ac9026f68727aab0019c3b378956401475180c9c | — | |
hashb4554c85f50c56d550d6c572a864deb0442404ddefe05ff27facb3cbfb90b4d6 | — |
Url
| Value | Description | Copy |
|---|---|---|
urlhttps://147.45.197.92:443 | — | |
urlhttps://94.228.161.88:443 | — | |
urlhttps://rti.cargomanbd.com | — |
Domain
| Value | Description | Copy |
|---|---|---|
domainrti.cargomanbd.com | — |
Threat ID: 69dd01db82d89c981ff9dd14
Added to database: 4/13/2026, 2:46:51 PM
Last enriched: 4/13/2026, 3:02:05 PM
Last updated: 4/14/2026, 8:15:02 AM
Views: 11
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.