Malicious AI Coding Extensions Steal Code and Data, Sending it to China

The 'MaliciousCorgi' campaign exposes a critical vulnerability in the software development ecosystem, where seemingly benign AI coding assistants are used to exfiltrate sensitive code and user data. Two VS Code extensions, with a combined 1.5 million installs, were found to be secretly capturing every file opened and every edit made, sending the data to servers in China without consent or disclosure. The extensions also employed hidden iframes to profile users using commercial analytics SDKs. This incident highlights the inherent risks associated with granting broad access to code editors and the potential for malicious actors to exploit developer trust. The fact that these extensions functioned as advertised, providing helpful AI-powered responses, made them particularly dangerous, as they were able to operate undetected while silently harvesting data. The discovery of this campaign underscores the need for greater scrutiny and security measures in software marketplaces, as well as increased awareness among developers about the potential risks associated with AI coding assistants. This event serves as a stark reminder of the importance of vigilance and the need for robust security practices in the face of evolving cyber threats.