malware • high • DLL Sideloading • Remote Access Trojan • PlugX RAT

Apr 13, 2026 • Ionut Arghire

Fake Claude Website Distributes PlugX RAT

Source: SecurityWeek
Category: malware
Severity: high

Executive Summary

Security researchers have identified a fake Claude website distributing the PlugX RAT (Remote Access Trojan). The malicious campaign mimics the legitimate Anthropic Claude installation to deceive users. The malware employs DLL sideloading techniques to execute malicious code within a trusted process, making detection more difficult. Additionally, the malware includes self-cleanup functionality to remove traces after execution. Users should verify website URLs before downloading software and ensure they are using official Anthropic sources. Organizations should implement robust endpoint detection, monitor for DLL sideloading patterns, and educate users about the risks of downloading software from unofficial sources.

Summary

The malware mimics the legitimate Anthropic installation, relies on DLL sideloading, and cleans up after itself. The post "Fake Claude Website Distributes PlugX RAT" appeared first on SecurityWeek.

Linked Entities

  • PlugX RAT