Hackers Exploit AI Coding Tools For Infostealers

Kaspersky warns that hackers are using malvertising to push fake download pages for popular AI coding assistants like Claude Code and OpenClaw, leading users to install infostealer malware. The campaign, detected recently, serves platform-specific strains—Amatera on Windows and AMOS on macOS—risking API keys, browser credentials, and proprietary code; experts advise using official documentation and verified repositories instead of sponsored search ads.
Key Points
- 1Deliver malvertising that serves fake AI-tool downloads to install infostealer malware on developer systems
- 2Targeted attacks deploy Amatera on Windows and AMOS on macOS to exfiltrate credentials and wallets
- 3Warn practitioners to avoid sponsored ads and use official docs or verified repositories like GitHub
Scoring Rationale
Credible Kaspersky alert highlights tangible developer risk; limited novelty and reporting depth modestly constrain broader impact.
Sources
Public references used for this report.
Practice interview problems based on real data
1,625 SQL & Python problems across 15 industry datasets — the exact type of data you work with.
Try 250 free problems

