Kaspersky has identified a malvertising campaign that targets developers searching for AI coding assistants such as Claude Code and OpenClaw. The campaign displays malicious ads that lead to counterfeit download pages. When users copy and paste the provided code into Windows Command Prompt or macOS Terminal, they inadvertently install infostealer malware—Amatera on Windows and AMOS on macOS. The malware harvests source code, corporate data, credentials, and cryptocurrency wallet information, posing a serious risk to both hobbyist and professional developers. Read more →