Cybersecurity researchers from Kaspersky’s Global Research and Analysis Team (GReAT) have exposed a targeted cryptocurrency heist involving malicious Visual Studio Code extensions designed to deceive developers using the Cursor development environment.
A Russian blockchain developer reportedly lost US$500,000 in crypto assets after installing a fake Solidity language extension from the Open VSX repository. The extension, claiming to support Solidity, in fact downloaded ScreenConnect malware and deployed the Quasar backdoor along with a stealer targeting browsers, email clients and crypto wallets.
The attacker manipulated download statistics to rank the malicious…
