|

Your Crypto Could Vanish: SlowMist Reveals Critical Flaw in AI Coding Tools

🚨

Blockchain safety agency SlowMist has issued an pressing warning a few crucial vulnerability in AI-powered coding instruments that would compromise developer techniques immediately by easy mission operations.

The flaw impacts mainstream built-in improvement environments (IDEs) and poses specific dangers to crypto builders whose techniques usually retailer worthwhile digital property and delicate credentials.

Users of AI coding assistants face speedy hazard when opening untrusted mission directories, with a number of builders already compromised in accordance with SlowMist’s risk intelligence staff.

The vulnerability triggers routinely when builders carry out routine actions, like “Open Folder,” on malicious initiatives, executing system instructions on each Windows and macOS with out requiring extra consumer interplay.

AI Coding Tools Become Attack Vector for Crypto Theft

Cursor customers face notably extreme publicity to the vulnerability, which cybersecurity firm HiddenLayer first documented in September in its analysis into the “CopyPasta License Attack.”

The exploit manipulates how AI assistants interpret widespread developer recordsdata, together with LICENSE.txt and README.md, by embedding dangerous directions in markdown feedback that stay hidden from rendered views however information AI instruments to propagate malware throughout complete codebases.

Attackers can stage backdoors, exfiltrate delicate information, or manipulate crucial techniques whereas malicious code stays buried deep inside recordsdata, in accordance with HiddenLayer’s evaluation.

The agency demonstrated the assault utilizing Cursor alongside different susceptible instruments, together with Windsurf, Kiro, and Aider, exhibiting how minimal consumer interplay allows organization-wide code compromise.

The disclosure follows Coinbase CEO Brian Armstrong’s aggressive push to have AI-generated code account for 40% of the company’s output, with plans to achieve 50% by October, regardless of firing engineers who didn’t undertake AI instruments inside one week of his mandate.

Security consultants and builders criticized the coverage as a “big pink flag for any security-sensitive enterprise,” in accordance with Dango founder Larry Lyu, whereas Carnegie Mellon professor Jonathan Aldrich referred to as it “insane” and mentioned he wouldn’t belief Coinbase together with his funds.

Nation-State Hackers Weaponize Blockchain for Malware Distribution

Developers proceed to face persistent organized assaults. North Korean risk actors have escalated assaults by embedding malware directly into blockchain smart contracts, marking the primary documented nation-state use of “EtherHiding” methods.

Famous Chollima operatives deployed malicious JavaScript modules that mixed the BeaverTail and OtterCookie malware by pretend job interviews concentrating on crypto builders, distributing the code through an NPM bundle disguised as a chess utility.

Google documented a North Korean group, UNC5342, embedding JADESNOW malware and INVISIBLEFERRET backdoors inside sensible contracts on the BNB Smart Chain and Ethereum since February, making a decentralized command-and-control infrastructure that regulation enforcement can’t simply dismantle.

The method shops payloads on public blockchains by read-only perform calls that keep away from transaction charges and depart no seen historical past.

Still concentrating on builders, again in April, the attackers established legitimate US companies using stolen identities, with Silent Push researchers discovering Blocknovas registered to a vacant South Carolina lot and Softglide traced to a Buffalo tax workplace.

It was found that each had been serving as fronts for the “Contagious Interview” marketing campaign that distributes malware by technical assessments.

These safety threats continue to grow whilst crypto-related losses from hacks and cybersecurity exploits fell 60% in December to $76 million, in accordance with blockchain safety agency PeckShield, down from November’s $194.2 million.

AI Systems Discover Zero-Day Exploits Worth Millions

The paradox of the moral and unethical use of AI is turning into more and more regarding.

Last month, Anthropic analysis confirmed that AI agents successfully exploited 50% of smart contracts in its SCONE-bench testing framework, producing simulated assaults price $550.1 million throughout 405 traditionally compromised contracts.

Claude Opus 4.5 and GPT-5 found working exploits on 19 contracts deployed after their information cutoff dates, representing $4.6 million in worth, whereas each fashions discovered two zero-day vulnerabilities in reside Binance Smart Chain contracts price $3,694 at an API value of $3,476.

The examine discovered potential exploit income roughly doubled each 1.3 months whereas token prices for producing working assaults fell sharply, that means attackers get hold of extra profitable exploits for equivalent compute budgets as fashions enhance.

Crypto AI Coding Tools - Percentage increase in gen-AI-enabled scam reports on Chainabuse Chart
Source: TRMLabs

Meanwhile, AI-powered crypto scams increased 456% between May 2024 and April 2025, in accordance with Chainabuse information, with 60% of deposits into rip-off wallets now stemming from AI-driven schemes utilizing deepfakes, voice cloning, and automatic bots that create pretend identities and sensible conversations at scale.

The put up Your Crypto Could Vanish: SlowMist Reveals Critical Flaw in AI Coding Tools appeared first on Cryptonews.

Similar Posts