Fake Claude AI Installer Delivers PlugX via DLL Sideloading

Cybercriminals are leveraging the buzz around AI chatbots to lure unsuspecting users into malware traps. Security Affairs reports that a fake website, masquerading as Anthropic’s popular Claude AI service, has been caught distributing the notorious PlugX remote access trojan (RAT). The attackers are pushing a ZIP archive, falsely advertised as a “pro version” installer, which silently deploys the PlugX payload.

According to Security Affairs, the malicious site mimics Claude’s official appearance, tricking visitors into downloading what appears to be a legitimate installer. Once executed, the fake Claude application runs as expected, but in the background, it initiates a PlugX infection chain. The initial dropper script drops essential components—NOVUpdate.exe, avk.dll, and an encrypted .dat file—into the Windows Startup folder. The real trick lies in the execution of NOVUpdate.exe, a legitimate, signed updater from G DATA. This trusted executable is manipulated to load a malicious DLL, avk.dll, from the same directory—a classic DLL sideloading technique (MITRE T1574.002). This tactic bypasses security scrutiny by using a seemingly benign, signed parent process.

Once loaded, the malicious avk.dll decrypts and executes the final payload from the .dat file, granting attackers unfettered remote access. This multi-stage approach, featuring a signed executable, a trojanized DLL, and an encrypted payload, is a hallmark of PlugX, a malware family frequently employed in sophisticated cyber-espionage operations. Security Affairs noted that within seconds of execution, the malware establishes communication with a command-and-control server hosted on Alibaba Cloud infrastructure, signaling an immediate compromise and potential data exfiltration.