Attackers are distributing counterfeit installers for popular software like ChatGPT and Claude via GitHub, SourceForge, and compromised YouTube channels, which deliver the DinDoor backdoor and a Deno-based remote access Trojan. The article does not provide a CVSS score, specific affected software versions, fixed versions, or a technical workaround.
Attackers are hosting counterfeit installers and plugins on GitHub and SourceForge that pose as widely used software, including ChatGPT, Claude, AutoTune, Kontakt, Ableton Live, and ZENOLOGY. The downloads deliver a backdoor called DinDoor, which then loads a remote access Trojan built on the Deno JavaScript runtime, according to Malwarebytes. Compromised YouTube channels push victims toward the malicious repositories. The videos promoting the fake tools have accumulated more than 50,000 views. The attackers rotate through GitHub … More → The post Fake ChatGPT and Claude installers on GitHub are dropping Deno RAT malware appeared first on Help Net Security .