Those AI Coding Plugins in Your JetBrains IDE? Some Stole Your Keys.

Submitted by aiuser on

If you have recently installed an AI coding assistant plugin from the JetBrains Marketplace, there is an uncomfortable question worth sitting with: did you actually vet that thing, or did you click Install because the reviews looked decent and the icon was sharp? A coordinated malware campaign has been quietly operating since October 2025, deploying over 15 malicious plugins disguised as AI coding assistants — and two of the most popular ones have surpassed 25,000 downloads each.

The plugins are genuinely crafty. They function exactly as advertised, offering autocomplete suggestions, code generation, and AI assistant features that work just fine. But running quietly in the background, they exfiltrate AI API keys from the developer's environment. New plugin releases appeared as recently as June 10, 2026, indicating this was not a one-time drive-by attack but a sustained, actively maintained campaign. Someone has been carefully tending this malicious garden for eight months.

The two specifically flagged plugins are CodeGPT AI Assistant and DeepSeek AI Assist. If either name rings a bell in your recently installed plugins list, open your OpenAI, Anthropic, or other AI provider dashboards now and check for unusual usage. Revoke any keys that were active in a JetBrains environment over the past several months and generate fresh replacements. The cost of a compromised API key ranges from an annoying charge on your billing statement to someone running an entire LLM inference operation entirely at your expense.
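A quick way to do that check without trusting the IDE's own plugin list is to read the installed plugin jars directly, since every JetBrains plugin ships its `META-INF/plugin.xml` with its id and display name. The script below is an added example, not code from this post or from The Hacker News report; the plugin directory layout and the "review" keyword list are assumptions, and only the two names given above are flagged outright.

```python
import re
import zipfile
from pathlib import Path

# Display names called out in the report; matched case-insensitively.
FLAGGED_NAMES = {"codegpt ai assistant", "deepseek ai assist"}

# Assumed per-platform plugin roots (layout: <root>/<Product><Version>/plugins/<plugin>/lib/*.jar).
PLUGIN_ROOTS = [
    Path.home() / ".local/share/JetBrains",                 # Linux
    Path.home() / "Library/Application Support/JetBrains",  # macOS
    Path.home() / "AppData/Roaming/JetBrains",              # Windows
]

def parse_plugin_xml(xml_text: str) -> dict:
    """Pull <id> and <name> out of a plugin.xml body (regex, no full XML parse needed)."""
    def first(tag):
        m = re.search(rf"<{tag}>\s*(.*?)\s*</{tag}>", xml_text, re.S)
        return m.group(1) if m else ""
    return {"id": first("id"), "name": first("name")}

def classify(name: str) -> str:
    """FLAGGED for the two named plugins; REVIEW for anything AI-flavoured (assumed keywords)."""
    if name.strip().lower() in FLAGGED_NAMES:
        return "FLAGGED"
    if re.search(r"\b(ai|gpt|copilot|assistant)\b", name, re.I):
        return "REVIEW"
    return "ok"

def inventory(roots=PLUGIN_ROOTS) -> list:
    """Walk every plugin jar under the roots and return id, name, jar path and verdict."""
    found = []
    for root in roots:
        if not root.is_dir():
            continue
        for jar in root.glob("*/plugins/*/lib/*.jar"):
            try:
                with zipfile.ZipFile(jar) as zf:
                    if "META-INF/plugin.xml" not in zf.namelist():
                        continue  # library jar, not the plugin descriptor
                    meta = parse_plugin_xml(zf.read("META-INF/plugin.xml").decode("utf-8", "replace"))
            except zipfile.BadZipFile:
                continue
            meta.update(jar=str(jar), verdict=classify(meta["name"]))
            found.append(meta)
    return found

if __name__ == "__main__":
    for p in inventory():
        print(f"{p['verdict']:8} {p['name']!r:40} id={p['id']} ({p['jar']})")
```

Anything reported as FLAGGED is a reason to rotate every AI provider key that IDE has had access to; REVIEW entries are simply the ones worth vetting by hand.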

The broader lesson is one the security community has repeated for years: IDE plugin marketplaces are a consistently underguarded attack surface. We scrutinize npm packages (sometimes), we review Docker images (occasionally), but we install IDE plugins with the same breezy energy we use to grab a free sample at a food festival — enthusiastically and without reading the label. Given that those plugins run with full access to your local environment, your file system, and your stored credentials, maybe it is time to start reading the label. Your API invoice will thank you.

Source: The Hacker News