Developers are being targeted with malware disguised as leaked Claude Code files. The files circulate with the premise that they contain Anthropic's proprietary source code - a lure designed to appeal to developers curious about how the AI coding assistant works under the hood. Download them, and you get malware instead.
This kind of attack is called a trojanized lure - hackers wrap malicious code inside something you'd plausibly want to open. Targeting Claude Code is a calculated choice: it has a large, technically engaged user base, and there's genuine interest in the internals of a tool many developers now rely on daily.
This week's broader security picture includes an FBI warning that attackers compromised its wiretap infrastructure - the tools law enforcement uses to monitor communications. The FBI characterized this as a national security risk. Cisco source code has also been stolen as part of what appears to be an ongoing supply chain attack campaign. Supply chain attacks go after the software and services that other organizations depend on, meaning a single successful breach can spread to many downstream victims.
For Claude Code users: Anthropic has not announced any source code leak. Any files claiming to contain leaked Claude Code source code should be treated as malicious. If you've downloaded anything matching that description recently, run a full malware scan before doing anything else.
The pattern here reflects a broader shift. As AI development tools become standard infrastructure, they become more attractive hooks for social engineering. Hackers follow the tools developers trust most - and right now, that includes Claude Code.