What happened: Security researchers detected a coordinated campaign involving 15 IDE plugins published under seven vendor accounts on the JetBrains Marketplace, starting at the end of October 2025 and continuing through June 2026. Each plugin works as the AI coding assistant it advertises but also contains hidden code that exfiltrates the API key you enter into its settings, sending it in plaintext to an attacker-controlled server at 39.107.60[.]51 over plain HTTP.
Why it matters: Developer machines hold source code, cloud credentials, signing keys, and API keys for paid AI services, which makes them high-value targets. IDE plugins run unsandboxed inside a tool people trust and leave open all day, so malicious code can operate in the background unnoticed. Even though JetBrains plugins go through manual review, small pieces of hidden logic can slip through, putting any developer who pastes secrets into unvetted tools at risk.
What to watch: The operator appears to be running a resale scheme: harvesting API keys from users who paste their own credentials, then distributing those stolen keys to paying customers as part of a paid tier. The genuine key owners bear the usage cost while the attacker collects money on both sides. The earliest versions appeared at the end of October 2025, and new ones are still being released.
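The behaviour described above (an API key sent in plaintext over HTTP to a known attacker server) is visible in egress proxy logs. The following is an added example, not code from the article or from any of the researchers it cites, that scans constructed proxy log lines for two signals: traffic to the IP the report names, and API-key-shaped values travelling over plain HTTP to any host. The log line format, the key-prefix patterns and the sample lines are assumptions made for this example; the only value taken from the report is the IP address.

```python
"""Added example (not from the summarized article): flag plaintext API-key
exfiltration in egress proxy logs. Log format and key patterns are assumed."""
import re
from dataclasses import dataclass

# The one indicator taken from the report (defanged there as 39.107.60[.]51).
KNOWN_EXFIL_HOSTS = {"39.107.60.51"}

# Assumed key shapes for common paid AI APIs; these prefixes are widely
# published conventions, not something the article states.
KEY_PATTERNS = [
    re.compile(r"sk-ant-[A-Za-z0-9_-]{20,}"),   # Anthropic-style
    re.compile(r"sk-[A-Za-z0-9_-]{20,}"),       # OpenAI-style
    re.compile(r"AIza[0-9A-Za-z_-]{30,}"),      # Google API key style
]

# Assumed proxy log format: "<ts> <src-ip> <METHOD> <url> [body=<request body>]".
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+) (?P<method>[A-Z]+) "
    r"(?P<scheme>https?)://(?P<host>[^/\s:]+)(?::\d+)?(?P<path>\S*)"
    r"(?: body=(?P<body>.*))?$"
)


@dataclass(frozen=True)
class Finding:
    ts: str
    src: str
    host: str
    reasons: tuple   # which signals fired, in a fixed order
    evidence: str    # path + body with any key values masked


def mask_secrets(text: str) -> str:
    """Keep the first 6 characters of any matched key so analysts can
    correlate findings without the alert itself leaking the credential."""
    for pattern in KEY_PATTERNS:
        text = pattern.sub(lambda m: m.group(0)[:6] + "...[redacted]", text)
    return text


def analyze_line(line: str):
    """Return a Finding for a suspicious request, or None."""
    m = LOG_RE.match(line)
    if not m:
        return None            # unparseable line: not this detector's job
    reasons = []
    if m["host"] in KNOWN_EXFIL_HOSTS:
        reasons.append("known-ioc-host")
    # Keys can ride in the query string (GET) or in the body (POST), so
    # inspect both; only plain HTTP counts as plaintext exposure.
    haystack = m["path"] + " " + (m["body"] or "")
    if m["scheme"] == "http" and any(p.search(haystack) for p in KEY_PATTERNS):
        reasons.append("plaintext-api-key")
    if not reasons:
        return None
    return Finding(m["ts"], m["src"], m["host"], tuple(reasons),
                   mask_secrets(haystack.strip()))


def scan(lines):
    """Run analyze_line over an iterable of log lines; return the findings."""
    return [f for f in (analyze_line(l) for l in lines) if f is not None]


# Constructed sample log (all values invented for this example).
SAMPLE_PROXY_LOG = [
    # Legitimate use: key sent to the vendor over TLS. Not flagged.
    "2026-02-03T09:12:40Z 10.0.0.7 POST https://api.openai.com/v1/chat/completions "
    "body=Authorization: Bearer sk-CONSTRUCTEDKEY0000000000000000",
    # The reported pattern: key posted in plaintext to the attacker host.
    "2026-02-03T09:12:44Z 10.0.0.7 POST http://39.107.60.51/api/verify "
    "body=key=sk-CONSTRUCTEDKEY0000000000000000&plugin=assistant",
    # Harmless plaintext traffic without any key. Not flagged.
    "2026-02-03T09:13:01Z 10.0.0.7 GET http://updates.example.test/ping body=ok",
    # Any contact with the IoC host is worth a look even without a key.
    "2026-02-03T09:13:05Z 10.0.0.9 GET https://39.107.60.51/",
    # Same exfiltration shape to a host not on the list: still flagged.
    "2026-02-03T09:13:30Z 10.0.0.9 POST http://telemetry.example.test/v1/usage "
    "body=token=sk-ant-CONSTRUCTEDKEY000000000000000",
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_PROXY_LOG):
        print(finding)
```

The second signal is deliberately host-independent: the IP in the report is one indicator for one campaign, while "a key-shaped secret leaving the network over plain HTTP" catches the same class of plugin regardless of where the next operator points it. Masking the matched key before it reaches the alert store avoids turning the SIEM into a second copy of the leaked credentials.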