
Jonathan Flower

Originally published at blog.jonathanflower.com

How to not Lose $500k to a Malicious Cursor Extension


Cursor’s open plugin marketplace allowed a malicious extension to steal $500,000.

The Issue with VS Code Plugins in Cursor

Cursor is an AI-powered code editor forked from Visual Studio Code, but unlike the official VS Code, it cannot use Microsoft’s proprietary extension marketplace. Instead, Cursor relies on the Open VSX registry—a more open, community-driven alternative with less strict security controls and review processes.

This openness allowed attackers to upload a fake “Solidity Language” extension that appeared legitimate (with a copied description and inflated download numbers). When installed, the extension executed malicious code, granting attackers remote access to the developer’s machine and ultimately leading to the theft of $500,000 in cryptocurrency. The attack exploited the fact that IDE extensions have deep system access, and the Open VSX marketplace’s ranking algorithm could be manipulated to make malicious extensions appear more trustworthy than legitimate ones.

[Image: Search results]

Advice to Protect Against This Vulnerability

  1. Install Extensions from Trusted Sources
    • Prefer Microsoft’s official marketplace when possible. If you use Cursor or another VS Code fork, first install and test extensions in the official VS Code, then migrate them to Cursor. This reduces the risk of installing a malicious lookalike.
  2. Be Wary of Non-Functional or New Extensions
    • If an extension doesn’t work as expected, uninstall it immediately. New extensions are riskier—let them mature and gain community trust before adopting.
  3. Scrutinize Publisher Details
    • Check the publisher’s profile, history, and other published extensions. Attackers often use subtle name changes (like a capital “I” instead of a lowercase “l”) to impersonate trusted publishers.
  4. Watch for Inflated Download Counts
    • Don’t rely solely on download numbers or ratings; these can be faked.
  5. Compartmentalize Sensitive Work
    • Use minimal extensions in environments handling sensitive data (like crypto wallets). Consider separate systems for high-value activities.
  6. Stay Informed and Use Security Tools
    • Keep up with security advisories and use reputable antivirus or endpoint protection to detect suspicious activity.
  7. Verify Extension Code When Possible
    • Open-source does not guarantee safety. The distributed package may differ from the public code. If you’re highly security-conscious, build extensions from source or verify cryptographic signatures.
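To make items 3 and 7 concrete, here is a small audit helper written for this post (it is added here and is not code from the original article, from Cursor, or from Open VSX). It folds a publisher name into a "skeleton" in which lookalike characters such as a capital "I" and a lowercase "l" collide, so an impersonating publisher is caught before install, and it inspects a downloaded .vsix package, which is a zip archive whose manifest lives at extension/package.json, reporting the publisher, the bundled scripts, a SHA-256 of the package that you can compare against a build from the public source, and whether the extension activates on every editor start. The trusted publisher list, the confusable table and the sample package are all constructed for the demonstration.

```python
"""Audit helper for VS Code / Open VSX extension packages (.vsix).

Added example for this post; publisher names, the confusable table and the
sample package below are constructed, not taken from any real extension.
"""
import hashlib
import io
import json
import unicodedata
import zipfile

# Publishers this team has decided to trust (constructed placeholders).
TRUSTED_PUBLISHERS = {"example-publisher", "trusted-tools"}

# Characters that render like a Latin letter. Extended from the post's
# capital-I-versus-lowercase-l example with digits and Cyrillic homoglyphs.
CONFUSABLES = {
    "I": "l", "1": "l", "|": "l",
    "0": "o",
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
    "\u0455": "s", "\u0456": "i", "\u0458": "j", "\u0445": "x", "\u0443": "y",
}


def skeleton(name: str) -> str:
    """Canonical form in which visually similar names collide."""
    name = unicodedata.normalize("NFKC", name)
    # Fold confusables before lowercasing: "I".lower() is "i", not "l".
    folded = "".join(CONFUSABLES.get(ch, ch) for ch in name)
    return folded.lower()


def lookalike_of(name: str, trusted=TRUSTED_PUBLISHERS):
    """Return the trusted publisher this name impersonates, or None.

    An exact match is the real publisher, not a lookalike.
    """
    if name in trusted:
        return None
    sk = skeleton(name)
    for t in trusted:
        if skeleton(t) == sk:
            return t
    return None


def audit_vsix(vsix_bytes: bytes) -> dict:
    """Inspect a .vsix (a zip) and return findings a reviewer can act on."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(vsix_bytes)) as zf:
        manifest = json.loads(zf.read("extension/package.json"))
        scripts = sorted(n for n in zf.namelist()
                         if n.endswith((".js", ".cjs", ".mjs")))
    publisher = manifest.get("publisher", "")
    target = lookalike_of(publisher)
    if target:
        findings.append(f"publisher '{publisher}' is a lookalike of trusted "
                        f"publisher '{target}'")
    elif publisher not in TRUSTED_PUBLISHERS:
        findings.append(f"publisher '{publisher}' is not on the trusted list")
    # "*" means the extension runs at every startup, not only for its language.
    if "*" in manifest.get("activationEvents", []):
        findings.append("activates on every editor start ('*'), "
                        "not only for its language")
    return {
        "name": manifest.get("name"),
        "publisher": publisher,
        # Compare this against the hash of a package you built from source.
        "sha256": hashlib.sha256(vsix_bytes).hexdigest(),
        "scripts": scripts,
        "findings": findings,
    }


def build_sample_vsix(publisher: str, activation: list) -> bytes:
    """Build a minimal in-memory .vsix for demonstration (constructed)."""
    manifest = {
        "name": "solidity-language",      # constructed sample name
        "publisher": publisher,
        "version": "0.0.1",
        "main": "./out/extension.js",
        "activationEvents": activation,
    }
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("extension/package.json", json.dumps(manifest))
        zf.writestr("extension/out/extension.js",
                    "exports.activate = function () {};\n")
    return buf.getvalue()


if __name__ == "__main__":
    # A genuine package next to a lookalike publisher that activates on "*".
    for pub, act in [("example-publisher", ["onLanguage:solidity"]),
                     ("exampIe-publisher", ["*"])]:
        print(json.dumps(audit_vsix(build_sample_vsix(pub, act)), indent=2))
```

Run it on a real package with `audit_vsix(open("some-extension.vsix", "rb").read())` after downloading the .vsix from the marketplace page. The skeleton check is deliberately strict (a name only counts as a lookalike when it collides with an entry on your own trusted list), and the hash is only useful if you also build the extension from its public repository and compare; neither replaces reading the bundled scripts when the stakes are high.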

By following these practices, you can significantly reduce your risk when using VS Code plugins in Cursor or any similar open marketplace.

This is largely drawn from the Java Brains YouTube video about the issue.

Other sources:

https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-500k-crypto-heist-through-malicious-packages-targeting-cursor-developers

https://securelist.com/open-source-package-for-cursor-ai-turned-into-a-crypto-heist/116908/

https://www.webasha.com/blog/what-is-the-real-risk-behind-malicious-vscode-extensions-like-the-cursor-ide-incident
