this post was submitted on 23 Apr 2026
364 points (97.6% liked)

Technology

84043 readers
9021 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
364
Researcher claims Claude Desktop installs “spyware” on macOS (www.malwarebytes.com)
submitted 1 day ago by throws_lemy@reddthat.com to c/technology@lemmy.world
59 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] terabyterex@lemmy.world 123 points 1 day ago* (last edited 6 hours ago) (23 children)

This blog is on the malwarebytes website. Mslwarebytes says in thr post thst its not fair to call this spyware. This was brought up on the windows side as well.

What is really going on: claude desktop is installing the hooks for the claude browser extension. If you install the browser extension, claude desktop can control the browser. This is the intended behavior so you can have an agent do something like "in the morning, access these three sites, pull down the data and create a newsletter for me" or "please check flight costs throughout the day on these sites" or whatever you want to access the browser for.

This is the whole reason you install claude desktop, to automate your computer.

[–] Epzillon@lemmy.world 1 points 6 hours ago (5 children)

Even if this was an opt-in feature the implementation is still terrible and a massive security hole. If id wanted the desktop app entirely and solely for this purpose i still would not expect my browser extension to have full access to my computer. I understand the app does, not the browser extension.

No matter how you twist and turn this situation Anthtopic has still introduced a major security issue in their application. It might be a bit far to call it malware immediately but it sure does open up a massive attack vector to take advantage of.

The fact that the end user is not even informed or have a choice about this makes it all the more problematic and Anthropic not commenting on it makes me think its either intentional or at the very least already known.

[–] CanIFishHere@lemmy.ca 0 points 5 hours ago (1 children)

Now you're just making stuff up.

[–] Epzillon@lemmy.world 1 points 4 hours ago

Excuse me if im misunderstanding something but what exactly am i making up?

load more comments (3 replies)
load more comments (20 replies)