Windows and macOS Malware Spreads via Fake “Claude Code” Google Ads

Bitdefender researchers have identified a new malvertising campaign leveraging fake Google Ads to distribute malware targeting Windows and macOS users. The campaign specifically exploits interest in Anthropic's Claude large language model, directing users searching for Claude downloads to malicious sites. This technique, known as malvertising, allows attackers to bypass traditional security measures by utilizing legitimate advertising platforms. The impact poses significant risks to users seeking AI tools, potentially leading to system compromise or data theft. While the specific malware family and threat actor remain unidentified in this report, the use of popular AI branding indicates a trend of AI-washing attacks. Users are advised to verify download sources strictly through official vendor websites and avoid clicking on sponsored search results for software downloads. Security teams should monitor for suspicious ad-driven traffic and educate users on the risks of unofficial software channels.

Bitdefender’s security researchers have discovered a malicious Google Ads campaign targeting anyone searching for downloads related to Claude, the large language model developed by Anthropic.

Bitdefender researchers have identified a new malvertising campaign leveraging fake Google Ads to distribute malware targeting Windows and macOS users. The campaign specifically exploits interest in Anthropic's Claude large language model, directing users searching for Claude downloads to malicious sites. This technique, known as malvertising, allows attackers to bypass traditional security measures by utilizing legitimate advertising platforms. The impact poses significant risks to users seeking AI tools, potentially leading to system compromise or data theft. While the specific malware family and threat actor remain unidentified in this report, the use of popular AI branding indicates a trend of AI-washing attacks. Users are advised to verify download sources strictly through official vendor websites and avoid clicking on sponsored search results for software downloads. Security teams should monitor for suspicious ad-driven traffic and educate users on the risks of unofficial software channels. Bitdefender’s security researchers have discovered a malicious Google Ads campaign targeting anyone searching for downloads related to Claude, the large language model developed by Anthropic. Bitdefender’s security researchers have discovered a malicious Google Ads campaign targeting anyone searching for downloads related to Claude, the large language model developed by Anthropic.