Bottom line: 15 compromised JetBrains plugins masquerade as AI assistants and steal plaintext API keys over unencrypted HTTP connections to IP address 39.107.60.51.
Security researchers at Aikido Security have uncovered a coordinated malware campaign involving at least 15 malicious IDE plugins on the JetBrains Marketplace. The plugins exfiltrate API keys for AI services such as OpenAI, DeepSeek, and SiliconFlow; approximately 70,000 installations are affected.
The affected plugins disguise themselves as AI coding assistants, code review tools, or Git utilities. They execute advertised functionality but contain hidden malicious code. Initial publication occurred in October 2025, with new variants added through June 2026. The plugins are distributed across seven different vendor accounts on the Marketplace.
Exfiltration begins as soon as the plugin is configured: when a developer enters a personal AI API key in the plugin settings and clicks “Apply,” the key is transmitted in plaintext over an unencrypted HTTP connection to an external server at IP address 39.107.60.51. Analysis also revealed that the control server can return API keys to paying users, an indication that the operators are collecting keys stolen from free users and selling access for a fee.
Affected plugins include DeepSeek AI Assist, CodeGPT AI Assistant, DeepSeek Git Commit, AI FindBugs, AI Git Commitor, and AI Coder Review – a total of 15 variants were identified. Analysis confirmed the presence of malicious code in the plugin archive at the time of publication.
CTOs and development teams should immediately verify whether any of these plugins are installed. If one is installed, the affected API keys must be revoked immediately with the respective AI provider and new credentials generated to prevent abuse.
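One way to run that check, as an added example rather than code from Aikido Security or JetBrains: the script reads the `<name>` element of `META-INF/plugin.xml` in every plugin jar under the given directories and reports matches against the six plugin names listed above. It assumes the descriptor name equals the Marketplace display name and that the default directories in the `__main__` block are where the IDE stores plugins; the other nine variants are not named here, so a clean result does not rule them out.

```python
import sys
import zipfile
import xml.etree.ElementTree as ET
from pathlib import Path

# Plugin names listed in the article (6 of the 15 variants; the rest are not named there).
NAMED_PLUGINS = {
    "deepseek ai assist", "codegpt ai assistant", "deepseek git commit",
    "ai findbugs", "ai git commitor", "ai coder review",
}

def plugin_name(jar_path):
    """Return the <name> from META-INF/plugin.xml inside a jar, or None."""
    try:
        with zipfile.ZipFile(jar_path) as jar:
            with jar.open("META-INF/plugin.xml") as fh:
                root = ET.parse(fh).getroot()
    except (KeyError, zipfile.BadZipFile, ET.ParseError, OSError):
        return None  # dependency jar without a descriptor, or unreadable file
    name = root.findtext("name")
    return name.strip() if name else None

def scan(roots):
    """Return [(jar_path, plugin_name)] for plugins whose name is on the list."""
    hits = []
    for root in roots:
        for jar in Path(root).rglob("*.jar"):
            name = plugin_name(jar)
            if name and name.casefold() in NAMED_PLUGINS:
                hits.append((str(jar), name))
    return hits

if __name__ == "__main__":
    # Assumed default locations; pass the real plugin directories as arguments to override.
    home = Path.home()
    defaults = [home / ".local/share/JetBrains",
                home / "Library/Application Support/JetBrains",
                home / "AppData/Roaming/JetBrains"]
    roots = sys.argv[1:] or [d for d in defaults if d.is_dir()]
    for path, name in scan(roots):
        print(f"MATCH: '{name}' in {path} (revoke any API key entered in it)")
```

Name matching misses a renamed or re-uploaded variant, so pair the scan with a search of proxy or firewall logs for outbound HTTP traffic to 39.107.60.51.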
Source: www.it-daily.net · Published 18 June 2026
Lumi AI News — AI-assisted curation in accordance with Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.1.