News Daily Nation Digital News & Media Platform


Claude Code source leak exploited to spread malware

Apr 07, 2026  Twila Rosenbaum

A significant cybersecurity threat has emerged following the leak of the source code of Anthropic's Claude Code tool: attackers are using interest in the exposed files as a lure to distribute malware. This incident highlights the dangers of leaked software, particularly when it concerns tools that are popular among developers.

Incident Overview

On March 31, 2026, a security researcher uncovered that Anthropic had accidentally exposed the source code of its Claude Code tool online. This leak, which was reported on social media, revealed approximately 513,000 lines of unobfuscated TypeScript spread across 1,906 files, offering insights into the client-side agent framework of the software.

Within hours, the leaked code had been downloaded and mirrored on GitHub, where it was redistributed under various usernames, with some repositories quickly gaining tens of thousands of stars and forks owing to the popularity of Claude Code.

Malicious Activity Identified

Researchers from Zscaler, while monitoring GitHub for potential threats, identified a particular repository titled "Leaked Claude Code," uploaded by a user with the handle idbzoomh1. The README.md file in this repository claimed that the material was derived from a .map file embedded in an npm package, reconstructed to function as a fork of Claude Code, purportedly offering "unlocked" enterprise features without message limits.

Within this repository, Zscaler found a malicious ZIP archive labeled "Claude Code – Leaked Source Code (.7z)." This archive contained a file named ClaudeCode_x64.exe, described as a Rust-based dropper, which, when executed, would deploy additional malicious software including Vidar v18.7, an information stealer, and GhostSocks, a tool used to proxy network traffic.

Alarmingly, before the repository was taken down, it appeared prominently in Google search results for users looking for the leaked Claude Code, potentially leading many unsuspecting developers to download the malicious files.

Ongoing Threats and Recommendations

As the situation unfolded, Zscaler noted that the threat actor had uploaded multiple versions of the malicious ZIP archive to the repository in quick succession. Furthermore, they discovered that the same malicious code had been uploaded under a different account, my3jie, indicating a coordinated effort by the same group of attackers.

The rising popularity of Claude Code as a development tool makes it an attractive target for scammers and malware distributors. Earlier in the month, cybersecurity experts had already warned about fake or cloned install pages for Claude Code that were surfacing in search results, further complicating the security landscape.

Experts have urged users to exercise caution, emphasizing that leaked proprietary source code should not be mistaken for open-source software. They have advised against downloading, forking, or running code from any GitHub repository claiming to be the "leaked Claude Code." It is critical to verify all sources against official channels to avoid falling victim to these scams.

Conclusion

The Claude Code source leak serves as a stark reminder of the risks associated with leaked software and of how readily malicious actors exploit the popularity of widely used tools. As the cybersecurity landscape continues to evolve, developers must remain vigilant and prioritize security best practices to mitigate the risks posed by leaked or fraudulent software.


Source: Help Net Security News
