What the Fake AI Installers Campaign Is and Why It Targets Developers
The fake AI installers campaign is a malware distribution scheme in which attackers impersonate popular tools like ChatGPT and Claude on trusted code-hosting platforms. The goal is to trick developers and power users into running terminal commands that silently install a remote access Trojan built on the Deno runtime, opening a long-term backdoor for surveillance, data theft, and crypto wallet stealing. Attackers host counterfeit installers and plugins on GitHub and SourceForge, presenting them as ChatGPT, Claude, music production tools, and other attractive downloads. Compromised YouTube channels with AI-generated videos funnel viewers toward these repositories, and some videos have gained more than 50,000 views, amplifying the GitHub malware threat. Developers and creators are especially exposed because they often trust popular repositories and are comfortable copying install commands from readme files. That habit becomes a serious developer security risk when the command pulls a malicious MSI or PowerShell script instead of a legitimate installer.

How Deno RAT Malware Infects Systems Through GitHub and SourceForge
Once a victim copies the suggested command into a terminal, the script downloads an MSI installer or PowerShell script from GitHub and runs a multi-stage infection. It installs Scoop and WinGet, then uses them to install the legitimate Deno JavaScript runtime, which is later abused to launch the DinDoor backdoor from a remote server. Crucially, the next stage of Deno RAT malware is executed in memory via standard input, meaning it never lands on disk where traditional antivirus tools expect to see it. DinDoor sets persistence using a registry Run key and sends host details to a command-and-control server, which can then deploy additional payloads such as the Deno-based RAT known as Smokest. By chaining trusted platforms (GitHub, SourceForge) with legitimate tools (Scoop, WinGet, Deno), attackers make their fake AI installers appear harmless and reduce the chance of immediate detection.
Inside Deno RAT: Crypto Wallet Stealing and Stealth Screen Streaming
The Deno-based RAT gives attackers extensive remote control over infected systems. It can run arbitrary commands and PowerShell scripts, capture screenshots, manage files, and start or stop processes, turning a developer workstation into a fully controlled asset. Its stealer module is tuned for crypto wallet stealing, targeting more than 50 browser wallet extensions and 10 standalone wallet apps, including Atomic Wallet, Exodus, Electrum, and ByteCoin. It also harvests data from Chromium-based browsers like Chrome, Brave, Edge, Opera, and Vivaldi, along with messaging tools such as Telegram, Discord, and Lightcord. One of its most worrying features is stealth monitoring: it secretly launches Microsoft Edge, connects over the Chrome DevTools Protocol, and injects a WebRTC page to stream live video of the victim’s screen. Because this traffic flows through a legitimate browser process, the screen sharing is harder for network monitoring tools to flag.
Why Developers Are Uniquely Exposed to This GitHub Malware Threat
Developers, creators, and AI enthusiasts are prime targets for this campaign because they frequently search for new tools, plugins, and enhancements on open repositories and community mirrors. They also tend to trust GitHub-hosted scripts and expect to install software through command-line instructions. According to Malwarebytes, “The fake software appears designed to target creators, AI enthusiasts, gamers, and technically inclined users who are more likely to download unofficial tools, cracked software, or community-distributed installers from sites like GitHub and SourceForge.” That profile makes the developer security risk especially high: one careless copy-paste can install a persistent backdoor on a machine that may hold API keys, SSH keys, source code, and cryptocurrency wallets. The mix of fake AI installers, familiar tooling, and AI-themed YouTube promotions makes the whole attack chain look routine, even professional, to the average technical user.
Detection and Prevention: How to Stay Safe from Fake AI Installers
To reduce the risk from these fake AI installers, treat any non-official ChatGPT or Claude download as suspect, especially if it comes from a random GitHub account, SourceForge project, or YouTube description link. Always verify that installers come from the vendor’s official website or store and avoid repositories that demand you paste opaque curl | bash or PowerShell commands into a terminal. On endpoints, watch for suspicious behavior such as unexpected installation of Scoop or WinGet, new registry Run keys referencing Deno, or background instances of Microsoft Edge with debug ports open. Where possible, enforce code-signing checks on installers and scripts and enable real-time security scanning on development machines, not only on production systems. Finally, educate teams about the GitHub malware threat: review any community scripts before execution and prefer package managers and extensions that provide clear provenance and verifiable signatures.
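One way to turn the endpoint indicators above into a concrete check, as an added example that is not from the original article: it scans Run-key values and process command lines for Deno autoruns (including the form that feeds the script over stdin) and for Microsoft Edge instances started with a DevTools remote-debugging switch. The sample Run-key entries, process list, and function names are constructed for illustration; on a live host the inputs would come from the HKCU/HKLM Run keys and the running process list.

```python
import re
import ntpath  # handles Windows backslash paths on any platform

# Constructed sample data, not real campaign artifacts: Run-key values and
# process command lines as exported from an endpoint under review.
SAMPLE_RUN_KEYS = {
    "OneDrive": r'"C:\Users\dev\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background',
    "Updater": r'"C:\Users\dev\scoop\apps\deno\current\deno.exe" run -A --no-prompt -',
}
SAMPLE_PROCESSES = [
    (4120, r'"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default'),
    (5316, r'"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --headless '
           r'--remote-debugging-port=9222 --user-data-dir=C:\Users\dev\AppData\Local\Temp\e1'),
    (6002, r'"C:\Windows\System32\svchost.exe" -k netsvcs'),
]

def tokenize(cmd):
    """Split a Windows command line into tokens, honouring double quotes."""
    return [t.strip('"') for t in re.findall(r'"[^"]*"|\S+', cmd)]

def find_deno_autoruns(run_keys):
    """Return (entry_name, reason) for Run-key entries that launch Deno.

    A script argument of '-' makes Deno read the program from stdin, which
    matches the in-memory staging described for this campaign; a path under
    a scoop\\ directory suggests the runtime was pulled in via Scoop.
    """
    hits = []
    for name, cmd in run_keys.items():
        tokens = tokenize(cmd)
        if not tokens or ntpath.basename(tokens[0]).lower() not in ("deno", "deno.exe"):
            continue
        reason = "deno autorun"
        if "-" in tokens[1:]:
            reason += " (script from stdin)"
        if "\\scoop\\" in tokens[0].lower():
            reason += " (Scoop-installed)"
        hits.append((name, reason))
    return hits

def find_edge_debug_processes(processes):
    """Return PIDs of msedge.exe processes exposing a Chrome DevTools
    Protocol endpoint via --remote-debugging-port or --remote-debugging-pipe."""
    debug_switches = ("--remote-debugging-port", "--remote-debugging-pipe")
    pids = []
    for pid, cmd in processes:
        tokens = tokenize(cmd)
        if tokens and ntpath.basename(tokens[0]).lower() == "msedge.exe":
            if any(t.startswith(debug_switches) for t in tokens[1:]):
                pids.append(pid)
    return pids

if __name__ == "__main__":
    print(find_deno_autoruns(SAMPLE_RUN_KEYS))
    print(find_edge_debug_processes(SAMPLE_PROCESSES))
```

A Deno autorun or an Edge process with a debugging switch is not proof of compromise on its own, so treat each hit as a triage lead to correlate with recent Scoop/WinGet installs and outbound connections from the Deno process.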
