Bybit Security Identifies macOS Malware Campaign Targeting Claude Code Searches

Bybit's security team has uncovered a macOS malware campaign targeting users searching for Anthropic's Claude Code, focusing on credential theft and wallet compromise.
Bybit’s Security Operations Center has identified a sophisticated multi-stage malware campaign specifically targeting macOS users who are searching for Claude Code, the AI-powered development tool released by Anthropic. The campaign leverages search engine optimization tactics to direct users toward malicious sites that masquerade as legitimate download portals for the development software. Once a user initiates a download from these compromised sources, the malware executes a series of scripts designed to bypass macOS security protocols and establish persistence on the host machine.
Mechanics of the Multi-Stage Infection
The attack sequence relies on a decoy installer that mimics the official Claude Code distribution package. Upon execution, the malware deploys a secondary payload that scans the local environment for sensitive data, including browser cookies, saved credentials, and private keys associated with digital asset wallets. Bybit’s analysis indicates that the threat actors are specifically looking for high-value targets, such as developers and individuals managing significant crypto holdings, who are likely to be early adopters of new AI coding assistants.
This campaign highlights the increasing risk profile for users interacting with emerging AI tools. Because these tools often require elevated system permissions to function within a local development environment, users are frequently conditioned to bypass standard security warnings. The malware exploits this behavioral pattern to gain unauthorized access to the system without triggering immediate alerts from common endpoint protection software.
Impact on User Security and Asset Custody
The primary objective of this campaign appears to be the exfiltration of private keys and session tokens. For users who manage crypto assets directly on their machines, the compromise of a local development environment can lead to the immediate drainage of wallets. The threat is particularly acute for those who integrate their development workflows with crypto market analysis tools or manage collateral through platforms such as BitMEX.
Security teams are advising users to verify the source of all development tools against official documentation provided by Anthropic. Users should also audit their macOS permission settings to ensure that no unauthorized applications have been granted accessibility or disk access rights. The following indicators are common across the identified malicious packages:
- Use of obfuscated shell scripts during the installation phase.
- Requests for administrative passwords that do not align with standard software update procedures.
- Unexpected network traffic originating from the terminal or background processes immediately following installation.
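The following triage script turns the indicators above into checks a defender can run over an installer before executing it. It is an added example, not Bybit's or Anthropic's own tooling; the patterns and the two sample installer scripts are constructed for illustration and are heuristics, not a replacement for vendor signatures.

```python
import base64
import re

# Heuristics for the indicators listed above (constructed for this example,
# not Bybit's detection rules): obfuscated shell, out-of-band admin password
# requests, remote fetch-and-execute, and LaunchAgent persistence.
INDICATORS = {
    "base64_decode_to_shell": r"base64\s+(?:-d|-D|--decode)\b[^|\n]*\|\s*(?:ba|z)?sh\b",
    "remote_fetch_to_shell": r"\b(?:curl|wget)\b[^|\n]*\|\s*(?:ba|z)?sh\b",
    "eval_of_generated_text": r"\beval\b[^\n]*\$\(",
    "admin_password_request": r"\bsudo\b|with administrator privileges",
    "launchagent_persistence": r"LaunchAgents/|launchctl\s+(?:load|bootstrap)\b",
    "long_base64_blob": r"[A-Za-z0-9+/]{120,}={0,2}",
}
COMPILED = {name: re.compile(pat) for name, pat in INDICATORS.items()}

def scan_script(text):
    """Return the sorted names of indicators matched in one installer script."""
    return sorted(name for name, pat in COMPILED.items() if pat.search(text))

def triage(text):
    """Bucket a script by how many independent indicators fire."""
    hits = scan_script(text)
    if not hits:
        return "clean", hits
    return ("suspicious" if len(hits) >= 2 else "review"), hits

# Constructed samples: a benign post-install step and a decoy installer
# that shows the obfuscation, privilege and persistence patterns together.
BENIGN = """#!/bin/sh
set -e
mkdir -p "$HOME/.local/bin"
cp ./claude "$HOME/.local/bin/claude"
echo "installed"
"""
_BLOB = base64.b64encode(b"placeholder payload " * 8).decode()
DECOY = f"""#!/bin/sh
echo "{_BLOB}" | base64 -D | sh
sudo cp ./helper /usr/local/bin/helper
cp com.example.helper.plist "$HOME/Library/LaunchAgents/"
launchctl load "$HOME/Library/LaunchAgents/com.example.helper.plist"
"""

if __name__ == "__main__":
    for label, script in (("benign", BENIGN), ("decoy", DECOY)):
        print(label, *triage(script))
```

Run it against an installer script's text before executing the installer; any hit is a reason to compare the package against Anthropic's official distribution channel rather than proceed.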
AlphaScala currently tracks various technology and healthcare equities that may be impacted by broader cybersecurity trends. For instance, ON Semiconductor Corporation holds an Alpha Score of 45/100, labeled as Mixed, while Agilent Technologies, Inc. holds an Alpha Score of 55/100, labeled as Moderate. You can find more information on the ON stock page and the A stock page.
The next concrete marker for this threat will be the release of updated security signatures by major antivirus vendors and the potential identification of the command-and-control infrastructure used by the attackers. Users should monitor official Anthropic channels for any further guidance regarding the secure distribution of their software tools.
AI-drafted from named sources and checked against AlphaScala publishing rules before release. Direct quotes must match source text, low-information tables are removed, and thinner or higher-risk stories can be held for manual review.