An Ethereum core developer has reported losing funds after installing a fraudulent AI coding extension that secretly harvested his private keys.
The tool, which appeared legitimate and had tens of thousands of downloads, accessed sensitive data from his .env file and sent it to an attacker’s server. His hot wallet was drained three days later.
The loss was limited to a few hundred dollars in Ethereum thanks to the use of small, project-specific wallets, with most holdings stored on hardware devices.
Malicious Extensions on the Rise
Security experts say fake extensions are becoming a major attack vector for crypto builders, using realistic branding and inflated download counts to gain trust.
A similar tactic was seen last year when a fake WalletConnect app on Google Play stole more than $70,000 in digital assets.
Cyvers’ security lead, Hakan Unal, warns developers to avoid storing keys in plain text, verify extensions before installing, and use hardware wallets to protect funds.
As AI-assisted tools grow in popularity, scammers are increasingly using them as entry points into the crypto ecosystem.
Source: https://coindoo.com/ethereum-developer-hacked-via-fake-ai-extension-in-wallet-drainer-attack/