this post was submitted on 23 Apr 2026

291 points (97.7% liked)

Technology

84699 readers

5313 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related news or articles.
Be excellent to each other!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
Check for duplicates before posting, duplicates may be removed
Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago

MODERATORS

L3s@lemmy.world

enu@lemmy.world

technopagan@lemmy.world

L4s@lemmy.world

L3s@hackingne.ws

291

Researcher claims Claude Desktop installs “spyware” on macOS (www.malwarebytes.com)

submitted 3 weeks ago by throws_lemy@reddthat.com to c/technology@lemmy.world

60 comments fedilink hide all child comments

top 50 comments

sorted by: hot top controversial new old

[–] terabyterex@lemmy.world 109 points 3 weeks ago* (last edited 2 weeks ago) (14 children)

This blog is on the malwarebytes website. Malwarebytes says in thr post thst its not fair to call this spyware. This was brought up on the windows side as well.

What is really going on: claude desktop is installing the hooks for the claude browser extension. If you install the browser extension, claude desktop can control the browser. This is the intended behavior so you can have an agent do something like "in the morning, access these three sites, pull down the data and create a newsletter for me" or "please check flight costs throughout the day on these sites" or whatever you want to access the browser for.

This is the whole reason you install claude desktop, to automate your computer.

[–] midribbon_action@lemmy.blahaj.zone 30 points 3 weeks ago

The article says that is the intended use, I agree this is just bad implementation, but it's bad because it not only allows control one way, from the app to the browser, it also allows it the other way: browser extensions with an ID that matches one of the allowed ones can access userspace, without asking. That is a huge attack surface that is installed without any consent.

[–] TootGuitar@sh.itjust.works 19 points 3 weeks ago* (last edited 3 weeks ago) (8 children)

I agree that this doesn’t rise to the level of “spyware,” but it is extra sneaky/slimy, and it absolutely, IMO, makes your system less secure for no good reason. They could just have a prompt in the UI the first time you attempt to use a feature that requires the native messaging host, which says something like “we need to install extra software to communicate with Chrome, OK?” This is the ethical thing to do.

It’s especially sketchy that they’re preemptively installing it in the right directories for multiple Chromium-based browsers, even ones that aren’t installed on your system.

load more comments (8 replies)

[–] criss_cross@lemmy.world 13 points 3 weeks ago

I would not assume a chatbot app would auto create hooks into a browser like this. That’s not a reasonable assumption to make.

[–] homesweethomeMrL@lemmy.world 7 points 3 weeks ago

It also uses your credentials to do so and doesn't ask any permissions for any of it including whatever else it wants to do outside the browser sandbox where it lives. Anthropic can easily remedy the situation but they didn't set it up that way. And the question is why.

Not calling it spyware is like not calling McDonald's "food". While technically true, it's just how it works.

I don't think it's actually doing anything nefarious yet. fwiw.

[–] TacoEvent@lemmy.zip 3 points 3 weeks ago (1 children)

Side question, are the typos intentional?

[–] FearfulSalad@ttrpg.network 6 points 3 weeks ago (1 children)

Mobile keyboard without spellcheck, I make thr exact same typos as thst poster with my thick fingers.

[–] ILikeBoobies@lemmy.ca 2 points 3 weeks ago

Or it's an iPhone, they sometimes don't input pressed letters or input the wrong one.

[–] pluge@piefed.social 3 points 3 weeks ago (1 children)

This is a little disengenuous...the browser extension ≠ the desktop app. Some people install the app and only use the chat feature. Some use cowork but would never want to use the browser extension. Assuming that installing a desktop app means you should also want the browser extension is just bad logic.

[–] terabyterex@lemmy.world 5 points 3 weeks ago

You cant access the browser unless you insta the extension. The desktop app just places jooks for the extension if it is ever installed. It wont work with out the extension

load more comments (8 replies)

[–] einfach_orangensaft@sh.itjust.works 24 points 3 weeks ago (2 children)

American softwar company spying on its users...more news at 8

[–] inari@piefed.zip 8 points 3 weeks ago (1 children)

Like Apple Itself: https://appleinsider.com/articles/13/06/06/apple-reportedly-last-company-to-join-governments-prism-data-mining-program

[–] homesweethomeMrL@lemmy.world 6 points 3 weeks ago

For its part, Apple has denied the claims, saying in a statement to The Wall Street Journal, "We have never heard of PRISM. We do not provide any government agency with direct access to our servers."

load more comments (1 replies)

[–] roserose56@lemmy.zip 11 points 3 weeks ago (1 children)

You guys use AI? That's bad for you.

[–] Eyekaytee@aussie.zone 8 points 3 weeks ago

This is like saying, you use google? don't you know it's bad for you

it convinces no one

[–] ApertureUA@lemmy.today 4 points 3 weeks ago

Spyware installs spyware

[–] moseschrute@lemmy.world 4 points 3 weeks ago (1 children)

I didn’t read the article, but imo better criticism would be how bad Claude engineering has been these past few weeks.

Theo did a video walking through just how bad Claude’s desktop app is. Like it’s embarrassingly bad for a company that claims to have a model so powerful that it spits out zero-day exploits like a vending machine.

https://m.youtube.com/watch?v=WkHdkwDQJ5o

[–] andallthat@lemmy.world 1 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

Mythos? Nah, too busy working for the Government and high-profile customers. The Claude Desktop app was done by a couple of new AI models that are interning at Anthropic, hoping one day to work on the cooler stuff.

[–] moseschrute@lemmy.world 1 points 3 weeks ago

So anthropic is admitting inters are smarter than its models :)

[–] ColdWater@lemmy.ca 3 points 3 weeks ago

182

[–] al_nusra@lemmy.world 1 points 3 weeks ago

Can you even do that? Like it is MacOS. it rusn everything in sandboxed enviournment doesnt it? This might be misleading. prove me wrong

load more comments