Cybersecurity researchers have uncovered a coordinated malware campaign on the JetBrains Marketplace involving 15 malicious plugins that exfiltrate AI provider API keys. The plugins, posing as AI coding assistants built on DeepSeek and other LLMs, function as advertised but covertly send the API keys that users enter to an attacker-controlled server. The campaign has been active since October 2025, with two plugins—CodeGPT AI Assistant and DeepSeek AI Assist—each having over 25,000 downloads. Aikido Security identified the campaign, noting that the plugins also offer a paid tier that returns stolen API keys to paying users, enabling LLMjacking schemes, in which stolen credentials are used to consume LLM services at the victim's expense.
Separately, two Google Chrome ad blocker extensions—Smart Adblocker (90,000 users) and Adblock for Browser (10,000 users)—have been caught capturing users’ conversations with AI chatbots including ChatGPT, Claude, Gemini, Copilot, Perplexity, DeepSeek, Grok, and Meta AI. Dubbed PromptSnatcher by researcher Jean-Marie R., these extensions use legitimate ad-blocking functionality as cover while exfiltrating AI conversation history, model usage, and subscription tier data to operator-controlled infrastructure. The malicious features were introduced via software updates, and the activity may violate Google’s extension policies.
CVEs: CVE-2026-11645
Malware: PromptSnatcher
Companies: Aikido Security, JetBrains, OpenAI, Anthropic, Google, Microsoft, Perplexity, DeepSeek, xAI, Meta AI
Products: CodeGPT AI Assistant, DeepSeek AI Assist, Smart Adblocker, Adblock for Browser, ChatGPT, Claude, Gemini, Copilot, Grok, Meta AI
Original source: thehackernews.com