TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

Trend Micro Research

Weaponizing Trust Signals: Claude Code Lures and GitHub Release Payloads

Jeffrey Francis Bonaobra · 2026-04-03 · Read original ↗

ATT&CK techniques detected

14 predictions
T1497.001System Checks
99%
"##s serials : table 5. serial numbers checked for vm detection datacenter cpu : - xeon - epyc motherboard manufacturer blacklist : - virtualbox - google compute engine - virtual machine sandbox dlls : - cuckoomon. dll - sbiedll. dll - sxin. dll - cmdvrt32. dll - cmdvrt64. dll san…"
T1497.001System Checks
98%
"##m bios / motherboard strings : - seabios - bochs - qemu - vrtual - hyper - v - vmware - vbox - innotek - virtual vm driver files : - vmmouse. sys - vmhgfs. sys - vboxmouse. sys - vboxguest. sys - vboxsf. sys - vboxvideo. sys table 4. vm mac prefixes sandbox evasion beyond vm de…"
T1059.001PowerShell
93%
"scheme. first, the data is xor - encoded with key 44. the result is then base64 - encoded for storage. at runtime, the malware reverses this process : # embedded xor - encoded powershell payload $ uowuunxt = ' cfwddbemc28wchlfsv5fcyyixb4meqwocelcwhz4awf8... ' $ umordtbr = [ syste…"
T1059.001PowerShell
88%
"##kmnvk ) ) after xor decryption with key 44 ( 0x2c ), the payload reveals significant windows defender evasion and firewall manipulation capabilities. the decrypted script systematically disables security controls to enable follow - on payloads to execute without interference. t…"
T1195.001Compromise Software Dependencies and Development Tools
76%
"from this campaign by tightening controls around tool installation, validating software sources, and actively monitoring for malicious activity using the following measures. - instruct developers to use verified sources only. legitimate claude code is available only through offic…"
T1497.001System Checks
66%
"malware enumerates running processes to identify debuggers and analysis tools blacklisted processes : - ollydbg. exe - x32dbg. exe - x64dbg. exe - windbg. exe - ida. exe - ida64. exe, - processhacker. exe - procexp. exe - procexp64. exe - wireshark. exe - fiddler. exe, - charles.…"
T1204.002Malicious File
66%
"threat actor accounts include idbzoomh ( taken down by github ), idbzoomh1, and my3jie. the accounts are disposable, as operators demonstrate no attachment to any single identity or lure theme. infection chain the infection chain is consistent across all lure variants : - discove…"
T1195.001Compromise Software Dependencies and Development Tools
51%
"weaponizing trust signals : claude code lures and github release payloads artificial intelligence ( ai ) weaponizing trust signals : claude code lures and github release payloads a packaging error in anthropic ’ s claude code npm release briefly exposed internal source code. this…"
T1195.001Compromise Software Dependencies and Development Tools
47%
"oat ) to hunt for suspicious activity associated with this threat, and are protected by advanced pattern, behavior - monitoring, and signature - based detections. in late march 2026, anthropic inadvertently released the internal claude code source material as part of an npm packa…"
T1587Develop Capabilities
45%
"from this campaign by tightening controls around tool installation, validating software sources, and actively monitoring for malicious activity using the following measures. - instruct developers to use verified sources only. legitimate claude code is available only through offic…"
T1057Process Discovery
42%
"malware enumerates running processes to identify debuggers and analysis tools blacklisted processes : - ollydbg. exe - x32dbg. exe - x64dbg. exe - windbg. exe - ida. exe - ida64. exe, - processhacker. exe - procexp. exe - procexp64. exe - wireshark. exe - fiddler. exe, - charles.…"
T1497Virtualization/Sandbox Evasion
42%
"malware enumerates running processes to identify debuggers and analysis tools blacklisted processes : - ollydbg. exe - x32dbg. exe - x64dbg. exe - windbg. exe - ida. exe - ida64. exe, - processhacker. exe - procexp. exe - procexp64. exe - wireshark. exe - fiddler. exe, - charles.…"
T1588.002Tool
33%
"from this campaign by tightening controls around tool installation, validating software sources, and actively monitoring for malicious activity using the following measures. - instruct developers to use verified sources only. legitimate claude code is available only through offic…"
T1497.001System Checks
33%
"of api calls : getconsolewindow ( ), showwindow ( sw _ hide ), and freeconsole ( ). this prevents users from noticing the command window that would otherwise appear during execution. following initialization, command - line arguments are parsed to determine the execution path. th…"

Summary

A packaging error in Anthropic’s Claude Code npm release briefly exposed internal source code. This entry examines how threat actors rapidly weaponized the resulting attention, pivoting an existing AI-themed campaign to spread Vidar and GhostSocks.