Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

Staff Editor 2026-06-17
Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

https://thehackernews.com/2026/06/malicious-jetbrains-plugins-steal-ai.html

Publish Date: 2026-06-17 05:41:00

Source Domain: thehackernews.com

Cybersecurity researchers have flagged a “coordinated malware campaign” on the JetBrains Marketplace that has published no less than 15 malicious plugins capable of exfiltrating artificial intelligence (AI) provider keys.

“Every plugin poses as an AI coding assistant built on DeepSeek and other large language models, offering chat, commit messages, code review, bug finding, and unit tests,” Aikido Security researcher Ilyas Makari said. “They function exactly as advertised. However, the AI provider API key you enter gets exfiltrated to a server controlled by the attacker.”

The activity is said to have been ongoing since the end of October 2025, with new plugins released as recently as June 10, 2026. Two of the plugins, CodeGPT AI Assistant and DeepSeek AI Assist, have more than 25,000 downloads each, although it’s not clear if the counts are authentic or if they have been inflated to fake their popularity.

The complete list of plugins is below –

  • DeepSeek Junit Test (org.sm.yms.toolkit)
  • DeepSeek Git Commit (com.json.simple.kit)
  • DeepSeek FindBugs (org.bug.find.tools)
  • DeepSeek AI Chat (org.translate.ai.simple)
  • DeepSeek Dev AI (com.yy.test.ai.simple)
  • DeepSeek AI Coding (com.dev.ai.toolkit)
  • AI FindBugs (com.json.view.simple)
  • AI Git Commitor (com.my.git.ai.kit)
  • AI Coder Review (org.check.ai.ds)
  • DeepSeek Coder AI (com.review.tool.code)
  • AI Coder Assistant (org.code.assist.dev.tool)
  • DeepSeek Code Review (com.coder.ai.dpt)
  • CodeGPT AI Assistant (com.my.code.tools)
  • DeepSeek AI Assist (ord.cp.code.ai.kit)
  • Coding Simple Tool (com.dp.git.ai.tool)

Aikido Security said all 15 plugins share a similar codebase, requiring users to open the settings panel and enter an API key for an AI like OpenAI, SiliconFlow, or DeepSeek in order to carry out the promised functionality.

While the plugins work as they are intended to, they have been found to sneak in the ability to covertly siphon the provided API key to a remote server (“39.107.60[.]51”) under…

Source

More Stories

Metro Atlanta city discloses cybersecurity incident – WSB-TV Channel 2

Metro Atlanta city discloses cybersecurity incident – WSB-TV Channel 2

Staff Editor 2026-06-20
Unfixable security flaw affects seven iPhone models

Unfixable security flaw affects seven iPhone models

Staff Editor 2026-06-20
New Prinz Eugen ransomware prioritizes recent files for encryption

New Prinz Eugen ransomware prioritizes recent files for encryption

Staff Editor 2026-06-20

Terms and Conditions - Privacy Policy