Fake Claude Code installers are deploying PowerShell stealers that abuse Chrome’s IElevator2 interface to extract browser credentials, cookies & payment data from developers

technadu@infosec.exchange

Fake Claude Code installers are deploying PowerShell stealers that abuse Chrome’s IElevator2 interface to extract browser credentials, cookies & payment data from developers.
AI tooling ecosystems are quickly becoming a major attack surface.

Source: https://www.ontinue.com/resource/blog-behind-a-fake-claude-code-installer/

Follow @technadu for more threat intelligence updates.

#Infosec #CyberSecurity #AI #Malware #ThreatIntel

CIRCLE WITH A DOT

Fake Claude Code installers are deploying PowerShell stealers that abuse Chrome’s IElevator2 interface to extract browser credentials, cookies &amp; payment data from developers

Fake Claude Code installers are deploying PowerShell stealers that abuse Chrome’s IElevator2 interface to extract browser credentials, cookies & payment data from developers