Fake Claude Campaign Deploys Malware Through DLL Sideloading Chain

Attackers are abusing interest in Anthropic’s Claude by using a fake website, claude-pro[.]com, to distribute a trojanized Windows installer that leads to a newly documented backdoor called Beagle.

Researchers said the intrusion initially appeared to be a PlugX-style operation because it reused a familiar sideloading chain built around a signed security product file, a malicious DLL, and an encrypted payload.

Fake Claude Malware Sideloading

The fake site copies the look of the real Claude brand but offers a stripped-down experience centered on downloading a single file, Claude-Pro-windows-x64.zip, an archive reported to be roughly 505 MB.

Reporting on the campaign indicates the operators likely used malvertising or poisoned search placement to get victims to the page, taking advantage of strong public interest in AI tools.

That social engineering angle is important because the lure does not depend on an unpatched software bug; instead, it relies on users trusting a familiar AI name and downloading software from the wrong place.

Inside the archive is an MSI installer that drops the three files that make up the sideloading chain: NOVupdate.exe, a malicious avk.dll, and an encrypted data file.

The claude-pro[.]com front page (Source: sophos)

NOVupdate.exe appears to be a signed updater associated with G DATA software, and the attackers abuse that trust by forcing it to load the rogue DLL from its local directory.

This is classic DLL sideloading: a legitimate, signed executable runs, but it loads attacker-controlled code because a library it expects to find beside it has been replaced with the rogue DLL. The signature check on the executable itself still passes, so the trust granted to the host binary is extended to code it was never meant to run.

A website that may be linked to the threat actor behind claude-pro[.]com (Source: sophos)

Sophos said the resemblance was strong enough to point analysts toward PlugX at first, but closer inspection revealed the chain had been reworked to deliver a different backdoor.

Another unusual detail is that the installer reportedly also provides a working copy of Claude as camouflage, making the infection look more like a normal application install and less like a failed fake package.

The download link on the claude-pro[.]com site (Source: sophos)

After the sideloaded DLL runs, it decrypts shellcode that launches DonutLoader, an open-source in-memory loader, before the final payload is installed.

Sophos also found additional 2026 samples on VirusTotal that reused the same XOR key seen in this campaign, including one March sample tied to shellcode related to the AdaptixC2 framework.
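The key-reuse pivot Sophos describes is reproducible once the key is known, and a repeating XOR key is usually recoverable from the encrypted data file itself. As an added example for this page, not Sophos' tooling and not the campaign's actual key (which the article does not publish), the code below recovers a repeating-XOR key from a constructed payload and then tests two further constructed "samples" for reuse of that key. The technique is generic: PE images and position-independent loader blobs carry long runs of 0x00, and 0x00 XOR k equals k, so the most common byte in each key-position column of the ciphertext is that key byte. KEY, KEY_OTHER, the payload builders and all three samples are assumptions made for the demonstration.

```python
"""Recover a repeating-XOR key from an encrypted payload and test other
samples for reuse of that key.

Added example for this page, not Sophos' tooling. The article does not
publish the campaign's key or payload, so KEY, KEY_OTHER, the payloads and
the three samples below are constructed. The technique is generic: PE images
and loader blobs carry long runs of 0x00, and 0x00 XOR k == k, so the most
common byte in each key-position column of the ciphertext is that key byte.
"""
from collections import Counter


def xor(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR; the same call encrypts and decrypts."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def recover_xor_key(blob: bytes, max_len: int = 32) -> bytes:
    """For each candidate length, build the key from the mode of every column
    and keep the one whose decryption yields the most zero bytes. Multiples
    of the true length tie on that score, so the shortest wins."""
    best_zeros, best_key = -1, b""
    for klen in range(1, max_len + 1):
        cand = bytes(Counter(blob[i::klen]).most_common(1)[0][0]
                     for i in range(klen))
        zeros = xor(blob, cand).count(0)
        if zeros > best_zeros:
            best_zeros, best_key = zeros, cand
    return best_key


def reuses_key(blob: bytes, key: bytes, min_zero_fraction: float = 0.25) -> bool:
    """Pivot check: a wrong key leaves roughly 1/256 zero bytes after
    decryption, the right one exposes the payload's padding."""
    plain = xor(blob, key)
    return plain.count(0) / len(plain) >= min_zero_fraction


# Constructed 16-byte key with no internal period, standing in for the
# campaign key that the article does not disclose.
KEY = bytes.fromhex("5a13c7882ef0419d7b06e235aa1c6fd4")
KEY_OTHER = bytes((b + 1) & 0xFF for b in KEY)   # differs at every position


def _fake_pe() -> bytes:
    """Constructed PE-like plaintext: header, DOS stub, dense code, padding."""
    header = b"MZ\x90\x00\x03\x00\x00\x00\x04\x00\x00\x00\xff\xff\x00\x00"
    stub = b"This program cannot be run in DOS mode.\r\n$"
    code = bytes(range(256)) * 4
    return header + stub + code + b"\x00" * 3000 + b".text\x00\x00\x00" + b"\x00" * 64


def _fake_shellcode() -> bytes:
    """Constructed loader-blob-like plaintext: dense bytes, then padding."""
    return bytes((i * 7 + 3) & 0xFF for i in range(600)) + b"\x00" * 1400


SAMPLE_A = xor(_fake_pe(), KEY)            # the campaign-style encrypted data file
SAMPLE_B = xor(_fake_shellcode(), KEY)     # a later sample reusing the key
SAMPLE_C = xor(_fake_pe(), KEY_OTHER)      # same loader style, different key


def triage() -> dict:
    """Recover the key from SAMPLE_A and pivot it across the other samples."""
    key = recover_xor_key(SAMPLE_A)
    return {
        "key": key.hex(),
        "is_pe": xor(SAMPLE_A, key)[:2] == b"MZ",
        "sample_b_reuses_key": reuses_key(SAMPLE_B, key),
        "sample_c_reuses_key": reuses_key(SAMPLE_C, key),
    }


if __name__ == "__main__":
    print(triage())
```

The zero-count score is what makes the pivot work across payload types: SAMPLE_B decrypts to something that is not a PE at all, yet its padding still lights up under the recovered key, while SAMPLE_C, encrypted with a different key by the same kind of loader, does not. That mirrors the caveat in the article: a shared key ties samples to shared tooling or a shared build, not by itself to one operator.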

Other samples were linked to domains themed around major security brands such as Trellix, CrowdStrike, and SentinelOne, suggesting the operators may be experimenting with multiple fake-brand lures rather than relying solely on Claude-themed infrastructure.

Even so, researchers cautioned that shared code elements alone are not sufficient to prove that all samples belong to a single threat actor, especially when loaders, open-source tools, and legacy infection patterns are frequently reused across campaigns.


The post Fake Claude Campaign Deploys Malware Through DLL Sideloading Chain appeared first on Cyber Security News.