Malicious VS Code Extensions Are Stealing Dev Data Right Now


According to Infosecurity Magazine, cybersecurity researchers from Koi Security discovered a new pair of malicious Visual Studio Code extensions on Monday. The extensions, named Bitcoin Black and Codo AI, were available on the official VS Code marketplace and deployed an advanced DLL-based infostealer. Bitcoin Black posed as a simple cryptocurrency-themed color scheme, while Codo AI offered a functional AI coding assistant integrating ChatGPT and DeepSeek. Both executed hidden scripts that downloaded a payload, which harvested screenshots, browser sessions, WiFi passwords, and stored credentials. The researchers observed rapid refinement across versions, with the latest using a streamlined delivery chain to fetch malicious components directly over HTTP. At the time of the report’s publication, Codo AI was still live on the marketplace.


The sneaky delivery method

Here’s the thing that makes this campaign clever: neither extension is a blatant, broken fake. The attackers paired social engineering with technical trickery. Bitcoin Black, despite being just a “theme,” declared activation events and launched PowerShell, which a colour theme never needs to do: a genuine theme contributes only JSON colour definitions and ships no JavaScript entry point at all. Codo AI was sneakier still because it delivered real coding features. A developer installs it, it works, and nothing looks wrong. That’s the perfect cover. The payload delivery also evolved quickly. Early versions used a convoluted PowerShell routine to grab a password-protected ZIP; by the latest version they’d switched to a hidden batch script that fetches the components in a cleaner, faster download. They were learning on the job.

The payload is a wolf in sheep’s clothing

So what does it actually install? The core technique is DLL hijacking (also called DLL sideloading), and it’s pretty slick. The malware drops a legitimate, digitally signed executable from the Lightshot screenshot tool alongside the attacker’s malicious DLL. When the Lightshot binary starts, Windows resolves one of its dependencies by name and picks up the copy sitting in the same directory, so the attacker’s code runs inside a process that is, on paper, a known and signed program. That defeats reputation and allowlisting checks that look only at the launching executable; a code signature vouches for the EXE file, not for the DLLs it loads at runtime. Once running, the infostealer goes to town: browser sessions, clipboard contents, stored credentials, the whole digital identity. It even creates a unique mutex so that only one instance runs at a time, which is also a handy indicator for threat hunters, since a hard-coded mutex name is easy to search for across a fleet. This is professional-grade data harvesting.
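The detection angle on the sideloading trick above is that the planted DLL has to sit next to the EXE, and that EXE has to live somewhere the attacker could write to. The following Python is an added example, not code from Koi Security, Infosecurity Magazine or the Lightshot project: it runs a sideload rule over constructed Sysmon-style Event ID 7 (image load) records. The file paths, the Lightshot.exe file name and the DLL names in the sample events are assumptions made up for the demo; the page does not name the real DLL.

```python
"""Spot DLL search-order hijacking (sideloading) in image-load telemetry:
a process running from a user-writable folder loads an unsigned DLL that
sits beside it. Added example over constructed Sysmon-style Event ID 7
records; not code from Koi Security or Infosecurity Magazine."""
import ntpath
from typing import Dict, List

# Locations an unprivileged user can write to. The planted DLL must be
# colocated with the EXE, so the EXE has to be somewhere like this too.
USER_WRITABLE_MARKERS = (
    "\\appdata\\local\\", "\\appdata\\roaming\\", "\\temp\\", "\\downloads\\",
    "\\users\\public\\", "\\.vscode\\extensions\\",
)
# Real System32 DLL names that sideloaders commonly shadow; a colocated copy
# of one of these is a stronger signal than an unsigned DLL with a novel name.
SYSTEM_DLL_NAMES = {"version.dll", "dwmapi.dll", "winmm.dll",
                    "uxtheme.dll", "cryptbase.dll", "userenv.dll"}


def in_user_writable_dir(path: str) -> bool:
    """True when the path sits under a directory a normal user can write to."""
    lowered = path.lower()
    return any(marker in lowered for marker in USER_WRITABLE_MARKERS)


def detect_sideload(events: List[Dict[str, str]]) -> List[Dict[str, str]]:
    """Return one alert per suspicious load. Event ID 7 carries Signed /
    Signature for the loaded image only, so the host EXE's own signature is
    not part of the rule; the unsigned colocated DLL is what we key on."""
    alerts = []
    for ev in events:
        image, loaded = ev["Image"], ev["ImageLoaded"]
        if not loaded.lower().endswith(".dll"):
            continue
        if ntpath.dirname(image).lower() != ntpath.dirname(loaded).lower():
            continue  # resolved from elsewhere (e.g. System32): not a hijack
        if not in_user_writable_dir(image):
            continue  # planting beside an EXE in Program Files already needs admin
        if ev.get("Signed", "false").lower() == "true":
            continue  # a signed colocated DLL is normal for packaged apps
        name = ntpath.basename(loaded).lower()
        shadows = name in SYSTEM_DLL_NAMES
        alerts.append({
            "process": image,
            "dll": loaded,
            "severity": "high" if shadows else "medium",
            "reason": "unsigned DLL loaded from the EXE's own user-writable directory"
                      + (" and shadows a System32 DLL name" if shadows else ""),
        })
    return alerts


# Constructed sample events (file names and paths are invented for the demo).
SAMPLE_EVENTS = [
    {"Image": r"C:\Users\dev\AppData\Local\Temp\ls\Lightshot.exe",
     "ImageLoaded": r"C:\Users\dev\AppData\Local\Temp\ls\version.dll",
     "Signed": "false", "Signature": "", "SignatureStatus": "Unavailable"},
    {"Image": r"C:\Users\dev\AppData\Local\Temp\ls\Lightshot.exe",
     "ImageLoaded": r"C:\Windows\System32\kernel32.dll",
     "Signed": "true", "Signature": "Microsoft Windows", "SignatureStatus": "Valid"},
    {"Image": r"C:\Program Files\Vendor\tool.exe",
     "ImageLoaded": r"C:\Program Files\Vendor\plugin.dll",
     "Signed": "false", "Signature": "", "SignatureStatus": "Unavailable"},
    {"Image": r"C:\Users\dev\.vscode\extensions\pub.ext-1.0.0\bin\helper.exe",
     "ImageLoaded": r"C:\Users\dev\.vscode\extensions\pub.ext-1.0.0\bin\helper.dll",
     "Signed": "true", "Signature": "Some Vendor", "SignatureStatus": "Valid"},
]

if __name__ == "__main__":
    for alert in detect_sideload(SAMPLE_EVENTS):
        print(alert["severity"], alert["process"], "->", alert["dll"], "|", alert["reason"])
```

Only the first sample fires: the same Lightshot process loading kernel32.dll from System32 is normal, the unsigned plugin in Program Files is outside user-writable space, and the signed helper DLL inside an extension folder is what a legitimately packaged tool looks like. Tune USER_WRITABLE_MARKERS to your fleet’s layout, and expect to allowlist a handful of portable apps that genuinely ship unsigned DLLs.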

Why this is a big deal

Look, malicious browser extensions are old news. But malicious IDE extensions? That’s a newer, scarier frontier. VS Code extensions run in the extension host with the full privileges of your user account: there is no permission prompt and no sandbox between an extension and your project files, your terminals, your SSH keys and your cloud credentials. It’s a goldmine. And developers, frankly, are a trusting bunch when it comes to tools that boost productivity. Who wouldn’t want a cool theme or a handy AI assistant? The attackers are banking on that trust. And they’re iterating fast, which shows this isn’t a one-off experiment but a sustained campaign. The fact that one was still up when the report dropped is alarming; it shows how hard it is to police these marketplaces in real time. For businesses relying on secure development, this is a direct threat to the core of their operations, where sensitive code and credentials live. In industrial and manufacturing tech, where software controls physical processes, the integrity of developer tools isn’t just about data; it’s about safety and reliability.

What should you do?

First, check your VS Code extensions right now (code --list-extensions --show-versions prints everything installed). Do you have Bitcoin Black or Codo AI installed? Uninstall them immediately, and then treat the machine as compromised: the payload grabs browser sessions, WiFi passwords and stored credentials, so rotate passwords, revoke API tokens and sign out of active sessions rather than just deleting the extension. But the bigger lesson is about vigilance. Just because something is on an official marketplace doesn’t mean it’s safe. Be skeptical of extensions with few installs or reviews, a brand-new publisher, or behaviour that doesn’t match the description. Does a colour theme really need to run PowerShell scripts? No. The attack surface for developers is exploding, and the bad actors are definitely paying attention. This won’t be the last time we see this.
