How Infostealers Hide in AI Tools

Imagine searching for a cutting-edge AI assistant to boost your productivity—only to unknowingly download malware. Cybercriminals are exploiting the popularity of AI tools like Claude Code and OpenClaw to distribute infostealers, targeting both individuals and organizations. Let’s uncover how these attacks work and how to defend against them.

How Attackers Exploit AI Tool Searches

Threat actors are leveraging Google Ads and search results to trick users into installing malicious software. When users search for tools like "Claude Code download" or "OpenClaw setup," they’re often directed to fake documentation sites. These pages mimic legitimate AI tool interfaces, offering installation commands that deploy infostealers instead of helpful AI agents.

The Fake Documentation Trap

Attackers use platforms like Squarespace to build convincing phishing sites. For example, a user searching for macOS-specific tools might encounter a page mimicking the real Claude Code documentation. The site instructs them to run a command like curl—which actually installs the AMOS infostealer. Similarly, Windows users are targeted with the Amatera infostealer via the mshta.exe utility.

The Malicious Payloads Deployed

These campaigns are highly tailored. On macOS, the AMOS spyware steals browser data, crypto-wallets, and user files. On Windows, Amatera sends stolen information to a remote server at 144.124.235.102. The malware often masquerades as workflow automation tools like OpenClaw or the Chinese AI assistant Doubao.

AMOS for macOS

• Installs via curl command-line utility
• Steals sensitive data including browser credentials
• Targets users seeking AI-powered coding tools

Amatera for Windows

• Uses mshta.exe to execute HTML-based payloads
• Exfiltrates crypto-wallet information and user files
• Exploits unapproved AI tool searches by employees

Protecting Your Organization from Infostealers

With AI tools becoming mainstream, the risks of shadow AI adoption are growing. Here’s how to mitigate these threats:

1. Educate Employees

Many employees bypass corporate IT policies to access trending AI tools. Use platforms like Kaspersky Automated Security Awareness to train staff on recognizing phishing sites and avoiding unverified downloads.

2. Deploy Cybersecurity Solutions

Ensure all devices are protected with advanced threat detection tools. Solutions like Kaspersky Endpoint Security can block malicious scripts and prevent unauthorized data exfiltration.

3. Monitor AI Tool Usage

Track employee use of third-party AI tools. Approve only verified platforms and consider integrating AI tools into your organization’s security framework.

Stay Ahead of AI-Driven Threats

The rise of AI agents brings both innovation and risk. By understanding how infostealers exploit AI tool searches, you can protect your data and systems. For more insights, explore our Securelist article on minimizing shadow AI risks.

Take action today: Audit your organization’s AI tool policies and update your cybersecurity training programs. The next attack could be just a Google search away.