Cursor IDE Malware Extension Compromise in $500k Crypto Heist
July 21, 2025
Cursor IDE, as many are aware, is a fork of Microsoft's open source and popular VS Code IDE project. Like VS Code, Cursor supports IDE extensions, which prompts many developers to migrate with their favorite extensions and long-lived workflows, shortcuts, themes, and other configurations.
Back in May 2021, Snyk's Security Labs conducted research that uncovered VS Code extensions vulnerable to insecure code patterns. These security vulnerabilities in the VS Code ecosystem could expose developers to remote attacks through 1-click remote code execution and other classes of security vulnerabilities.
Last week, it was reported that cryptocurrency malware circulating through Cursor IDE extensions hit a developer working in the cryptocurrency industry who relied on Cursor IDE, known for its agentic AI coding assistance workflow and widely adopted by developers.
About the Cursor IDE malware
Developers often install extensions to augment their coding workflows, and the developer in this incident was no different.
A “Solidity Language” IDE extension on Cursor was reported to be the root cause, with the malicious logic carried in the bundled JavaScript file extension.js. Once the extension was obtained and installed from a third-party, unofficial registry (the Open VSX Registry), it executed a PowerShell script that carried on the exfiltration and crypto hijacking.
The Open VSX Registry reported more than 50,000 downloads before the extension's removal on July 2nd, but there is no further evidence of its impact or spread beyond the developer in this incident.
The impact of this Cursor IDE extension malware was roughly $500,000 in cryptocurrency assets stolen from the developer, a heist that came down to trusting an unvetted third-party component.
As provided by Kaspersky's research, the following screenshot shows the search results for the “solidity” keyword, demonstrating how the malware's entry (in red) appeared among them:

VS Code response and takeaways
The VS Code team shared on X that their marketplace team removed the malicious extension a few seconds after it was published.
The learning action item from this incident: never rely on unofficial third-party resources, always apply the utmost scrutiny to new or unvetted extensions, and, as the old security saying goes, “trust but verify”: even once trust is established, audit the extension, read its code, and keep a close eye on future releases, updates, maintainer identity and more.
About VS Code vulnerable IDE extensions
Malicious extensions may seem like a far-off doomsday scenario, but normal, trusted VS Code extensions might expose you to similar cybersecurity risks.
What’s the worst that could happen if you install a vulnerable Browser preview extension in VS Code?
Consider the following flow: an attack sends an XSS payload to download a file, which results in iframe JavaScript code being executed; that code then continues the attack, bypassing CORS protections and exfiltrating files from the developer's IDE:

About AI Ecosystem Security
Cursor IDE's security risk is not limited to its third-party extensions; cybersecurity threats lurk across many attack vectors, a few of which are:
Take a Snyk Learn lesson on OWASP Top 10 LLM and GenAI
If you’re into MCP, then read up on MCP Security and exploiting MCP Servers