Hackers Use Fake Claude Code Guide and AI PDFs to Spread AsyncRAT Malware
Hackers distribute AsyncRAT malware via fake Claude Code guide PDFs using PowerShell and Defender exclusions.
Summary
Cybercriminals are exploiting global AI interest by distributing compressed archives disguised as a Claude Code technical guide to spread AsyncRAT malware on Windows systems. The multi-stage attack uses PowerShell scripts, AES-CBC decryption, Defender exclusion manipulation, and process hollowing to evade detection while displaying decoy AI documents. Evidence suggests human operators designed the attack logic but used generative AI to write code containing Simplified Chinese variable names and unedited comments, indicating poor operational security.
Full text
By Deeba Ahmed, June 11, 2026

Hackers are exploiting the global interest in artificial intelligence (AI) to trick Windows users into downloading malware, according to research from FortiGuard Labs.

In one campaign the researchers observed, cybercriminals distributed a compressed archive disguised as a helpful AI technical guide. The 7-Zip archive was titled “Agentic Coding with Claude Code, The everyday developer’s guide to agentic coding with Claude Code.7z”. It looks harmless at first glance, but opening its contents starts a chain of hidden scripts.

Understanding the Multi-Stage Attack Chain

The attack begins when the victim opens a shortcut file (.lnk) inside the archive. The shortcut runs hidden commands through native Windows components such as cmd.exe and findstr, and pulls data out of two files named 3th.pdf and 4th.pdf. These are not real documents but storage containers for the next stage.

Hidden files and the archive (Source: FortiGuard Labs)

The chain proper starts with a PowerShell script that decrypts a secondary script with AES-CBC and drops it into the user’s AppData folder. Keeping the second stage encrypted until this point means the malicious code is carried onto the machine in a form that signature scanners cannot read.

Next, the malware adds the entire C:\ drive and PowerShell.exe to Microsoft Defender’s exclusion paths, so the built-in antivirus ignores everything that follows.

The third step abuses AutoHotkey.exe, renamed to look like a legitimate Realtek audio service so that it blends in with ordinary background processes.
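The report says only that 3th.pdf and 4th.pdf were storage containers that the shortcut read with findstr, not how they were laid out. The following is an added example, not code from the article or from FortiGuard Labs: a triage check that tells a genuine PDF from a file that merely carries a .pdf name, using generic structural tests (header, object/xref/trailer keywords, data after the final %%EOF, long base64-like runs). The three sample files are constructed for the example; the `::stage::` tag and the base64 blob are stand-ins, not indicators from the campaign.

```python
"""Triage "PDF" files that are really payload containers.

Added example, not code from the Hackread article or the FortiGuard Labs
report. The report states only that 3th.pdf and 4th.pdf were storage
containers read with findstr, not how they were laid out, so these are
generic structural checks that any genuine PDF passes and a bare encoded
blob does not. The three sample files below are constructed for the example.
"""
import base64
import re

PDF_HEADER = b"%PDF-"
PDF_EOF = b"%%EOF"
# Keywords every real PDF body contains; a bare container usually has none of them.
STRUCTURE_KEYWORDS = (b" obj", b"endobj", b"xref", b"trailer")
# A findstr-style dropper pulls out one long encoded line; flag 200+ base64 chars.
ENCODED_RUN = re.compile(rb"[A-Za-z0-9+/=]{200,}")


def triage_pdf(data: bytes) -> dict:
    """Return structural findings; any finding marks the file as a likely container."""
    findings = []
    if not data.startswith(PDF_HEADER):
        findings.append("missing %PDF- header")
    missing = [k.decode().strip() for k in STRUCTURE_KEYWORDS if k not in data]
    if missing:
        findings.append("no PDF structure keywords: " + ", ".join(missing))
    eof = data.rfind(PDF_EOF)
    if eof < 0:
        findings.append("no %%EOF marker")
    else:
        trailing = data[eof + len(PDF_EOF):].strip(b"\r\n")
        if trailing:
            findings.append(f"{len(trailing)} bytes appended after final %%EOF")
    runs = ENCODED_RUN.findall(data)
    if runs:
        findings.append(f"{len(runs)} base64-like run(s), longest {max(map(len, runs))} chars")
    return {"is_container": bool(findings), "findings": findings}


def extract_encoded_runs(data: bytes) -> list[bytes]:
    """Hand the analyst the blobs a dropper would extract, base64-decoded where valid."""
    out = []
    for run in ENCODED_RUN.findall(data):
        try:
            out.append(base64.b64decode(run, validate=True))
        except ValueError:  # binascii.Error is a ValueError subclass
            out.append(run)
    return out


# Constructed sample 1: a minimal but structurally complete PDF.
REAL_PDF = (
    b"%PDF-1.4\n"
    b"1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n"
    b"2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj\n"
    b"3 0 obj << /Type /Page /Parent 2 0 R /MediaBox [0 0 612 792] >> endobj\n"
    b"xref\n0 4\n0000000000 65535 f \n"
    b"trailer << /Size 4 /Root 1 0 R >>\nstartxref\n0\n%%EOF\n"
)
# Constructed stand-in for an encrypted second stage (512 bytes, base64-encoded).
STAGE_BLOB = base64.b64encode(bytes(range(256)) * 2)
# Constructed sample 2: header only, then one tagged line a findstr call could pull out.
CONTAINER = b"%PDF-1.7\n::stage::" + STAGE_BLOB + b"\n"
# Constructed sample 3: a real document with a stage appended after %%EOF; it still renders.
APPENDED = REAL_PDF + b"::stage::" + STAGE_BLOB + b"\n"

if __name__ == "__main__":
    for name, blob in (("real.pdf", REAL_PDF), ("3th.pdf", CONTAINER), ("4th.pdf", APPENDED)):
        result = triage_pdf(blob)
        print(name, "container" if result["is_container"] else "looks genuine", result["findings"])
        for decoded in extract_encoded_runs(blob):
            print("  extracted", len(decoded), "bytes")
```

Treat the output as triage rather than a verdict: PDFs with incremental updates or an unusual preamble will trip the weaker checks, while a container that mimics PDF structure will not. The point is that a file dropped alongside a .lnk and referenced only by findstr deserves these checks before anyone treats it as a document.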
The malware then uses process hollowing: it starts a legitimate .NET process in a suspended state and injects malicious code into its memory space. The final payload never lands on disk as a file of its own, so it evades static file scanning.

While this happens, the malware opens readable decoy documents titled “AI-Ready PostgreSQL 18” and “A Guide for Thinking Marketers in the Age of AI”, so the victim believes the download was genuine and pays no attention to the activity in the background.

AI Mistakes and Malware Deployment

In their report, shared with Hackread.com, the researchers describe the framework as “purpose-built for stealthy payload delivery” and long-term remote access. The chain splits into two branches, each dropping a Remote Access Trojan (RAT): one deploys a modular .NET client with surveillance capabilities, the other installs AsyncRAT. Both let the operators watch the user’s desktop, track mouse movements, and upload basic system information to command-and-control servers such as shampobiskworld.nl.

AI Evidence

While working on attribution, the researchers found signs that the code was written with automated assistance. The intermediate PowerShell scripts use Simplified Chinese variable names throughout, and the code contains an unedited Chinese comment line and a stray emoji.

Attack chain (Source: FortiGuard Labs)

The researchers conclude that human operators may have designed the overall attack logic but used generative AI tools to write the code quickly, and did not sanitise the scripts before launching the campaign.

FortiGuard Labs warns that any organisation can be targeted. Users should watch for unfamiliar scheduled tasks and avoid opening unexpected shortcut files from unverified sources.
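The Defender exclusion step is the one defenders can catch cheapest: an exclusion for a whole drive or for PowerShell.exe has no legitimate reason to exist, and Defender logs every such change as event 5007 in its Operational log. The following is an added example, not code from the article or from FortiGuard Labs: it classifies exclusion paths as they would be returned by `(Get-MpPreference).ExclusionPath`, and parses the “New value:” lines of event 5007 messages. It generalises the report’s two entries to any drive root, any common script host, and user-writable staging directories such as AppData. The exclusion list, the event text and the vendor path `C:\Program Files\Contoso\Agent` are constructed samples.

```python
"""Audit Microsoft Defender exclusions for entries that blind the scanner.

Added example, not code from the Hackread article or the FortiGuard Labs
report. The report says the dropper added the whole C:\\ drive and
PowerShell.exe to Defender's exclusion paths; the rules below generalise
that to any drive root, any common script host, and attacker-writable
staging directories. On a live host the list comes from
(Get-MpPreference).ExclusionPath or from Defender Operational event 5007
("configuration has changed"); the inputs below are constructed samples.
"""
import re

DRIVE_ROOT = re.compile(r"^[A-Za-z]:\\?$")

# Interpreters and LOLBins an attacker wants Defender to stop watching.
SCRIPT_HOSTS = {
    "powershell.exe", "pwsh.exe", "powershell_ise.exe", "cmd.exe",
    "wscript.exe", "cscript.exe", "mshta.exe", "rundll32.exe",
    "regsvr32.exe", "msbuild.exe", "autohotkey.exe",
}

# Locations a low-privilege user can write to; excluding them gives a
# dropper a scan-free place to stage its second stage (AppData in this case).
USER_WRITABLE = (
    "c:\\users\\", "c:\\programdata\\", "c:\\windows\\temp\\",
    "%temp%", "%tmp%", "%appdata%", "%localappdata%", "%userprofile%", "%public%",
)

# Event 5007 message bodies report each change as a registry key path.
EVENT_5007_NEW_VALUE = re.compile(
    r"New value:\s*HKLM\\SOFTWARE\\Microsoft\\Windows Defender\\Exclusions\\"
    r"(Paths|Processes|Extensions)\\(.+?)\s*=\s*0x0"
)


def classify_exclusion(path: str) -> tuple[str, str]:
    """Return (severity, reason) for a single exclusion path."""
    p = path.strip().strip('"')
    low = p.lower()
    if DRIVE_ROOT.match(p):
        return "critical", "entire drive excluded from scanning"
    leaf = low.rstrip("\\").rsplit("\\", 1)[-1]
    if leaf in SCRIPT_HOSTS:
        return "critical", f"script host {leaf} excluded from scanning"
    if low.startswith(USER_WRITABLE):
        return "warning", "user-writable staging location excluded"
    return "info", "vendor-style exclusion, verify against change records"


def exclusions_from_5007(event_text: str) -> list[tuple[str, str]]:
    """Pull (kind, value) pairs out of one or more event 5007 message bodies."""
    return [(m.group(1), m.group(2)) for m in EVENT_5007_NEW_VALUE.finditer(event_text)]


def audit(paths: list[str]) -> list[dict]:
    """Classify every path and return the report ordered by severity."""
    order = {"critical": 0, "warning": 1, "info": 2}
    report = []
    for p in paths:
        sev, why = classify_exclusion(p)
        report.append({"path": p, "severity": sev, "reason": why})
    return sorted(report, key=lambda r: order[r["severity"]])


# Constructed sample: what (Get-MpPreference).ExclusionPath might return on a
# host where the dropper has run, alongside one legitimate vendor entry.
SAMPLE_EXCLUSIONS = [
    "C:\\Program Files\\Contoso\\Agent",
    "C:\\",
    "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
    "C:\\Users\\alice\\AppData\\Roaming\\svc",
]

# Constructed sample of two Defender Operational event 5007 messages.
SAMPLE_5007 = (
    "Microsoft Defender Antivirus Configuration has changed. If this is an unexpected "
    "event you should review the settings as this may be the result of malware.\n"
    "\tOld value: \n"
    "\tNew value: HKLM\\SOFTWARE\\Microsoft\\Windows Defender\\Exclusions\\Paths\\C:\\ = 0x0\n"
    "Microsoft Defender Antivirus Configuration has changed. If this is an unexpected "
    "event you should review the settings as this may be the result of malware.\n"
    "\tOld value: \n"
    "\tNew value: HKLM\\SOFTWARE\\Microsoft\\Windows Defender\\Exclusions\\Paths\\"
    "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe = 0x0\n"
)

if __name__ == "__main__":
    for row in audit(SAMPLE_EXCLUSIONS):
        print(f"{row['severity']:8} {row['path']}  ({row['reason']})")
    print("from event 5007:", exclusions_from_5007(SAMPLE_5007))
```

Feed the 5007 parser with exported Operational log messages and the classifier with the current `ExclusionPath` list; a critical result from either is a strong signal that the host has already run something like the dropper described above, since no administrator adds a drive root or a script interpreter to the exclusion list on purpose.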
Expert Insights

In statements shared with Hackread.com, Ram Varadarajan, CEO at Acalvio, highlighted the danger of the multi-step nature of this campaign, stating, “This class of attack – via compositional opacity — reflects a growing threat class. Essentially, decomposing the attack into multiple, subtle steps, none of which individually raise a flag, but whose cumulative effect causes the damage.”

“We can expect such attacks to become increasingly AI-tuned, hence increasingly subtle, with attacks executed against unwitting humans and AI agents alike. Defending against them will require layered defenses, culminating in AI-aware tripwires,” he warned.
Indicators of Compromise
- domain — shampobiskworld.nl
- malware — AsyncRAT
- tool — AutoHotkey.exe (legitimate interpreter, renamed to pose as a Realtek audio service)