Hello,
I wanted to share here something I found while watching a YouTube video that I believe should be covered by Bitdefender, but I want to hear your thoughts on this.
I'm not the one who found out about this; it was a security researcher named n0kk (https://www.youtube.com/@xn0kkx), who posted this YouTube video in Portuguese (subtitles can be translated):
In it he displays an executable that is capable of sweeping files created with Claude Code (settings.local.json, and more) in Windows and retrieving them for a threat actor. Those files may contain tokens, login info, and a lot of other sensitive information.
I also believe people should be aware of how this kind of information gets stored and shared in environments; with AI-plugged environments that's no different, but today a solid and secure environment for running AIs like Claude Code requires some technical knowledge.
In the video n0kk also mentions that he uploaded his file to VirusTotal, and that some companies already flagged it, but I saw Bitdefender didn't. This is the VirusTotal page URL:
https://www.virustotal.com/gui/file/fbdf4cd96f009535a4f9e93693fb7e87d5aa75a85f774325deea0bcdfd16ee5f
How would I go about reporting these?