Sophos X-Ops has uncovered a fake Claude artificial intelligence (AI) website that tricks users into downloading malware, highlighting how cybercriminals are increasingly exploiting the popularity of AI tools to target unsuspecting users.
In a blog post published May 7, Sophos said researchers investigating a fake Claude website discovered not only a malware delivery system but also a previously undocumented backdoor that gives attackers remote access to infected computers.
The malicious website, identified as claude-pro[.]com, closely resembles the legitimate Claude AI site. Visitors are encouraged to download a supposed product called “Claude-Pro Relay,” which arrives as a large compressed file containing malware disguised as a legitimate installer.
Once installed, the malware silently places files on a Windows computer and uses a technique known as DLL sideloading, in which a legitimate, trusted program is made to load a malicious library, so that its activity is hidden behind trusted software. Sophos said this method has long been associated with malware families such as PlugX, which has been linked to cyberespionage campaigns.
However, researchers found that the final malware delivered by the fake site was not PlugX. Instead, it was a previously unreported backdoor that Sophos named Beagle.
The Beagle malware allows attackers to remotely control infected devices. According to Sophos, operators can execute commands, upload and download files, create directories, rename files, and remove data from a victim’s computer.
“We were unable to find any public reporting about this backdoor and have dubbed it ‘Beagle,’” Sophos researchers wrote in the report.
The malware communicates with its command-and-control servers over the same channels used by ordinary web traffic, which makes it harder to distinguish from legitimate activity. Sophos also identified several related malware samples dating back to February 2026, suggesting the campaign may have been active for months and continues to evolve.
Researchers said the attack illustrates how threat actors are adapting their tactics to capitalize on growing public interest in AI platforms. Rather than relying on sophisticated technical exploits, attackers are using fake websites, sponsored search results, and search engine manipulation to lure victims into installing malware themselves.
For users in the Philippines, where AI tools such as Claude, ChatGPT, and Gemini continue to gain popularity among students, professionals, and businesses, the campaign serves as a reminder to download software only from official websites and verify web addresses before installing applications.
Sophos said the fake Claude website was relatively simple compared with other impersonation campaigns, but its effectiveness lies in exploiting user trust in well-known AI brands.
The company also noted similarities between this campaign and previous malware operations, although it said additional evidence is needed before linking the attacks to a specific threat actor.