A coordinated malware campaign on the JetBrains Marketplace involves at least 15 IDE plugins published under seven vendor accounts that steal AI provider API keys from developers. When users enter their API keys into plugin settings and click "Apply," the keys are sent over HTTP to a hardcoded server (39.107.60.51). The plugins operate as legitimate AI tools but secretly exfiltrate credentials. The attackers appear to harvest free users' API keys and redistribute them to paid users via a donation-based tier. The campaign started in October 2025 and continued through June 2026, with nearly 70,000 installations. Analysis confirmed the presence of credential theft code in the DeepSeek AI Assist plugin, which remained available on the marketplace at the time of reporting. No vendor advisory or patch information is available, and JetBrains had not publicly addressed the issue.

The malicious plugins compromise developer AI API keys, potentially allowing attackers to misuse these credentials for unauthorized AI service access. This can lead to unauthorized usage charges, loss of control over API keys, and potential abuse of AI services under the victim's account. The plugins' legitimate functionality may reduce suspicion, increasing the risk of prolonged credential theft. The redistribution of stolen keys to paid users also indicates a fraudulent monetization scheme. There is no evidence of broader system compromise beyond API key theft.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until official action is taken, users should avoid installing or using plugins from untrusted or unknown vendors on the JetBrains Marketplace. Developers should review and revoke any AI API keys that may have been entered into these plugins. Monitoring for unusual API usage and rotating API keys regularly is recommended. JetBrains users should await official communication and updates from JetBrains regarding removal or blocking of malicious plugins.