Home > Quick > Body

Ethereum core developer's cryptocurrency wallet stolen by malicious artificial intelligence extension

clock
2025-08-13 12:35:12
Ethereum core developer Zak Cole said in an X platform post on Tuesday that he fell victim to a malicious artificial intelligence extension of Cursor AI that allowed attackers to gain access to his hot wallet within three days and eventually transfer the funds.
The developer installed a plugin called contractshark.solidity-lang, which appeared legitimate - with professional icons, descriptive text and more than 54,000 downloads - but secretly stole his private key. Cole said the plugin "read my .env file" and sent the private key to the attacker's server, giving the attacker access to his hot wallet for three days before the funds were transferred on August 10.
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.
New Tab Page - Desk3 | Plugin
Stay ahead of the game in the cryptocurrency space.