Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines

Researchers Demo New Claude Code Attack Using Harmless-Looking Repositories to Hijack Developer Machines
Mozilla’s 0Din researchers warn that attackers can hide indirect prompts in seemingly normal repositories to trick Claude Code into spawning a reverse shell on a developer’s machine. The payload is delivered through a DNS TXT record and can expose credentials, API keys, and other secrets while evading obvious detection. #ClaudeCode #Mozilla #0Din

Keypoints

  • Attackers hide indirect prompts in normal-looking repositories.
  • Claude Code can be tricked into following a malicious setup flow.
  • An error message prompts the agent to run a recovery command.
  • The recovery path pulls and executes a payload from a DNS TXT record.
  • The attack can spawn a reverse shell and expose secrets on the developer’s system.

Read More: https://www.securityweek.com/new-attack-abuses-claude-code-and-harmless-looking-repositories-to-hijack-developer-machines/