## Claude Code Source Code Leak Laced with Vidar Stealer & GhostSocks Malware
A highly anticipated leak of the Claude Code source code has been weaponized, delivering credential-stealing malware to tens of thousands of eager downloaders. The incident transforms what appeared to be a major AI model leak into a significant cybersecurity threat, with attackers exploiting the hype to distribute the Vidar information stealer and GhostSocks proxy malware.

The malware was bundled with the leaked Claude Code files, which circulated widely this week. Victims believed they were accessing proprietary AI source code but instead executed malicious payloads designed to harvest sensitive data like passwords, cookies, and financial information from infected systems. The use of GhostSocks, a tool for creating covert network proxies, suggests the attackers aimed to establish persistent, hidden access within compromised networks.

This attack vector highlights a growing trend of threat actors piggybacking on high-profile software and data leaks to maximize their reach. The Claude Code leak, likely already a significant event for AI developer Anthropic, now carries the added fallout of a widespread malware campaign. It serves as a stark warning for developers and researchers to exercise extreme caution with unofficial sources, as the promise of exclusive access can be a potent lure for sophisticated social engineering attacks.
---
- **Source**: The Register
- **Sector**: The Lab
- **Tags**: malware, data leak, cybersecurity, AI, source code
- **Credibility**: unverified
- **Published**: 2026-04-02 18:27:01
- **ID**: 47812
- **URL**: https://whisperx.ai/en/intel/47812