
Fake Claude AI Website Distributes Beagle Backdoor Malware
Malware, Cybersecurity, Social Engineering, Backdoor
Sophos identified a malicious campaign distributing the Beagle backdoor via a fake Claude AI website targeting Windows users. The attack chain uses DLL sideloading to deploy DonutLoader, which then loads the Beagle backdoor, a previously undocumented malware strain. The fake site mimics the legitimate Claude AI platform to trick victims into downloading the payload. No specific dates, affected user counts, or CVE IDs were disclosed in the findings. The backdoor enables persistent access and data exfiltration on compromised systems. The campaign highlights the use of social engineering, here the impersonation of trusted software, to distribute advanced malware.