Crypto

Warning Crypto Investors—This Malicious Code Could Empty Your Wallet

Published

1 year ago

December 19, 2024

Press Room

Warning Crypto Investors—This Malicious Code Could Empty Your Wallet

Bitcoin emblem over a graph.

getty

Recent reports have uncovered a series of malicious extensions in the Visual Studio Code, or VSCode, marketplace, targeting software developers and cryptocurrency enthusiasts with sophisticated attacks designed to compromise their systems and steal sensitive data. VSCode is a popular code editor used by millions of developers worldwide.

Security researcher Amit Assaraf recently revealed how attackers are exploiting the VSCode marketplace. Assaraf uncovered extensions that appeared to offer valuable features but were, in fact, Trojan horses for malware. One extension, masquerading as an official Zoom integration, seemed legitimate, boasting numerous installs and positive reviews. However, upon installation, the extension downloaded a malicious script from a Russian server, executing unauthorized commands on victims’ machines.

The attackers had carefully crafted their extensions to look authentic. They used fake reviews, linked to reputable repositories, and inflated download counts to make the tools appear credible—practices that can lull even experienced developers into a false sense of security.

Crypto in the VSCode Crosshairs

Further investigations revealed that this malicious activity is part of a broader campaign targeting developers working in blockchain and cryptocurrency environments. Reporting from BleepingComputer noted that some of these extensions claimed to support Ethereum development or blockchain toolkits. They also provided the following list of ones that were submitted to the VSCode marketplace:

EVM.Blockchain-Toolkit
VoiceMod.VoiceMod
ZoomVideoCommunications.Zoom
ZoomINC.Zoom-Workplace
Ethereum.SoliditySupport
ZoomWorkspace.Zoom (three versions)
ethereumorg.Solidity-Language-for-Ethereum
VitalikButerin.Solidity-Ethereum (two versions)
SolidityFoundation.Solidity-Ethereum
EthereumFoundation.Solidity-Language-for-Ethereum (two versions)
SOLIDITY.Solidity-Language
GavinWood.SolidityLang (two versions)
EthereumFoundation.Solidity-for-Ethereum-Language

Adding to these findings, researchers at ReversingLabs uncovered how the VSCode campaign overlaps with similar malicious activity in the npm package repository. An npm package is a piece of reusable code that can be easily shared, distributed and integrated into software projects. These packages are used to build applications faster by reusing common functionalities, rather than writing everything from scratch. In their report, ReversingLabs explained how attackers often use multiple platforms to spread their malware, creating a more extensive attack surface that targets developers across ecosystems.

The Vulnerabilities Of The VSCode Ecosystem

While VSCode is celebrated for its versatility and user-friendly extension system, these same features make it a prime target for attackers. The issues stem from several vulnerabilities within the extension ecosystem:

Unverified Publishers: Most of the extensions in the VSCode marketplace come from unverified publishers. This leaves developers with little assurance about an extension’s authenticity.
Trust in Metrics: Developers often rely on install counts and reviews to gauge an extension’s credibility. Attackers exploit this trust by inflating these metrics and posting fake reviews.
Limited Oversight: Despite Microsoft’s efforts to monitor and remove malicious extensions, the sheer volume of offerings in the marketplace makes it challenging to detect threats promptly.

VSCode: A Secondary Threat

Cryptocurrency wallets, whether stored on a computer or secured with a hardware wallet, are critical tools for managing digital assets. While these wallets are designed to protect private keys and transactions, the surrounding software environment—such as VSCode—can introduce vulnerabilities that put funds at risk, especially for wallets stored on a computer. Recent discoveries of malicious VSCode extensions demonstrate how a compromised development environment can lead to significant crypto losses, even for those who believe their wallets are secure.

The VSCode Threat to Computer Wallets

For users storing cryptocurrency on a desktop wallet, the risks posed by malicious VSCode extensions are immediate and direct. Here’s how it can happen:

Keystroke Logging: A malicious VSCode extension, installed unknowingly, can quietly monitor and log every keystroke. If a user types in their wallet password, private keys or recovery phrases, this sensitive information is captured and sent to the attacker. Even the most secure desktop wallet becomes vulnerable if its credentials are exposed.
Clipboard Hijacking: During transactions, users often copy and paste wallet addresses to avoid manual errors. Malware embedded in a VSCode extension can intercept clipboard activity, replacing the intended wallet address with the attacker’s. Without double-checking the address, the user may unknowingly send funds directly to the hacker.
Fake Prompts or Interfaces: Some malicious extensions inject phishing-style prompts into the software environment, asking users to “verify” their wallet credentials or seed phrases. These prompts appear legitimate, but the data entered is captured by the attacker.
Manipulated Transactions: For developers working with blockchain APIs, malicious extensions can intercept and alter transaction details. For instance, if a wallet is used to send funds programmatically, an attacker could change the destination address or transaction parameters without the user noticing.

Imagine a blockchain developer using VSCode to build an app that integrates with their desktop wallet for testing purposes. They install an extension claiming to simplify Ethereum contract deployment. Unbeknownst to them, the extension is malicious. It begins logging keystrokes and steals the wallet password. When the developer initiates a test transaction, the extension intercepts the API call and replaces the intended recipient address with one controlled by the attacker. The funds are irretrievably sent to the wrong destination.

These revelations are a wake-up call for developers and platform administrators alike. The trust users place in extension marketplaces is being weaponized. Relying on trust metrics alone—such as download counts or reviews—is not sufficient. Developers must remain vigilant and take proactive measures to protect their environments and their cryptocurrency.

Click to comment

Crypto

XRP Stalls Despite Bullish Developments and Ripple’s Institutional Momentum

Published

3 hours ago

January 11, 2026

Press Room

XRP Stalls Despite Bullish Developments and Ripple’s Institutional Momentum

XRP is consolidating near a key level as Ripple expands its regulated global finance footprint, signaling patience in price action while adoption, institutional integration, and regulatory clarity quietly strengthen the crypto asset’s long-term foundation.

Crypto

This Popular Cryptocurrency Could Soar by 177% in 2026, According to Wall Street Analyst Tom Lee

Published

15 hours ago

January 10, 2026

Press Room

This Popular Cryptocurrency Could Soar by 177% in 2026, According to Wall Street Analyst Tom Lee

Key Points

Ethereum is the leading platform for developers who want to build decentralized software applications, which are popular in areas like gaming and finance.
Ether, which is Ethereum’s native cryptocurrency, set a new record high during 2025, but it ended the year in the red.
Wall Street analyst Tom Lee thinks Ether could soar in the early stages of 2026, and he chairs a company that owns over $13 billion worth of coins.

Cryptocurrencies had a tough year in 2025, with most popular coins and tokens suffering losses. Not even the industry leaders like Bitcoin and Ethereum(CRYPTO: ETH) were spared, ending the year down 5% and 11%, respectively.

But 2026 is here, and Wall Street analyst Tom Lee recently came out with a set of very bullish forecasts. He thinks Ether, which is the native cryptocurrency of the Ethereum network, could soar to $9,000 per coin early in the year, implying a potential upside of 177% from where it’s trading as I write this.

Where to invest $1,000 right now? Our analyst team just revealed what they believe are the 10 best stocks to buy right now. Continue »

Lee founded Fundstrat Global Advisors, but he’s also the chairman of BitMine Immersion Technologies(NYSEMKT: BMNR), which owns approximately $13.4 billion worth of Ethereum, so he certainly has some skin in the game. How realistic is his latest forecast?

Image source: Getty Images.

What is Ethereum?

Ethereum is a platform where people develop decentralized software applications, which are increasingly popular in industries like gaming and financial services. These apps are governed by smart contracts, which are pieces of computer code that live on the Ethereum blockchain. They typically can’t be changed, so no person or company can manipulate the app’s core set of rules, ensuring it stays decentralized.

The Ethereum network itself is also completely decentralized. Instead of using one large data center, it’s hosted on thousands of nodes (computers) all over the world that store an updated copy of its blockchain. Therefore, the network won’t be compromised even if some nodes go down, and that’s how Ethereum has boasted 100% uptime over the last decade.

Ether is like the fuel that makes the Ethereum network function. Every time a person activates a smart contract by using an app, or even transfers a crypto token built on Ethereum, they incur a fee that is payable in Ether. Therefore, the larger the network grows, the more demand there is for Ether, and the more valuable the coin becomes (in theory).

Thousands of decentralized apps have been built on Ethereum so far. Uniswap, for instance, is a popular exchange where people can trade their cryptocurrencies for other cryptocurrencies. Pricing and execution is handled entirely by smart contracts with no intermediaries, creating a lightning-fast and cost-effective experience. Users don’t even need to create an account, because they can connect their crypto wallets directly to Uniswap and immediately start transacting.

How realistic is Lee’s target?

Tom Lee thinks decentralized apps will take over the financial industry, and as the largest platform of its kind, he’s betting Ethereum will lead the transition. The world’s largest asset manager, BlackRock, is already exploring plans to tokenize some of its exchange-traded funds (ETFs) by moving them onto the blockchain, where they can trade more efficiently compared to using traditional stock exchanges.

That is just one example suggesting Lee could eventually be right. But the growing adoption of stablecoins — many of which are built on Ethereum — is another sign. These cryptocurrencies are designed to maintain a stable value (hence their name), and they can be sent anywhere in the world practically instantly. Therefore, they are far more efficient than traditional payment rails that often take several days to move money across borders.

According to Cathie Wood’s Ark Investment Management, over $15 trillion in payment volume was processed using stablecoins in 2024, which was more volume than both Visa and Mastercard processed.

But could all of this send Ether soaring by 177% to $9,000 per coin in the early stages of 2026? I’m not so sure. Ether climbed to a record price of $4,946 per coin in 2025, which was a win for investors, but it was the first new high in four years. Plus, the coin has already lost 32% of its peak value, so I’m not sure if it can muster enough momentum to almost triple in value in the next few months like Lee predicts.

With that said, $9,000 per coin would give Ether a market capitalization of around $1.08 trillion, so it would still be much smaller than Bitcoin, which has a market cap of $1.85 trillion. Therefore, I wouldn’t rule out Lee’s target, especially if the decentralized revolution continues to gather momentum, but I would certainly be cautious about the timing. Plus, it’s important to remember Lee chairs the BitMine Immersion Technologies company, which owns 4.1 million Ether coins, so he has a vested interest in putting forward highly bullish targets.

Should you buy stock in Ethereum right now?

Before you buy stock in Ethereum, consider this:

The Motley Fool Stock Advisor analyst team just identified what they believe are the 10 best stocks for investors to buy now… and Ethereum wasn’t one of them. The 10 stocks that made the cut could produce monster returns in the coming years.

Consider when Netflix made this list on December 17, 2004… if you invested $1,000 at the time of our recommendation, you’d have $488,222!* Or when Nvidia made this list on April 15, 2005… if you invested $1,000 at the time of our recommendation, you’d have $1,134,333!*

Now, it’s worth noting Stock Advisor’s total average return is 969% — a market-crushing outperformance compared to 196% for the S&P 500. Don’t miss the latest top 10 list, available with Stock Advisor, and join an investing community built by individual investors for individual investors.

See the 10 stocks »

*Stock Advisor returns as of January 10, 2026.

Anthony Di Pizio has no position in any of the stocks mentioned. The Motley Fool has positions in and recommends Bitcoin, Ethereum, Mastercard, and Visa. The Motley Fool recommends BlackRock. The Motley Fool has a disclosure policy.

Crypto

Fed ‘Sweet Spot’ Sends Signal for Bitcoin as Jobs Data Quietly Sets Stage for $100K BTC

Published

1 day ago

January 10, 2026

Press Room

Fed ‘Sweet Spot’ Sends Signal for Bitcoin as Jobs Data Quietly Sets Stage for 0K BTC

Bitcoin’s march toward $100,000 is gaining momentum as cooling U.S. labor data, shifting Fed policy expectations, and geopolitical tensions converge, setting the stage for renewed price discovery and a possible breakout beyond prior all-time highs.