📰
General 📅 2026-07-09 · 10:29 AM IST ⏱ 3 min read

AI Code Tools Tricked Into Installing Hidden Network Software on Developer Machines

Security researchers discover six popular coding assistants can be manipulated to secretly convert computers into proxy servers through permission bypass attacks.

The Vulnerability

Security researchers at Wiz have uncovered a dangerous weakness affecting several widely-used artificial intelligence coding assistants. The problem works like a sleight-of-hand magic trick: hackers create a malicious code project that requests permission to modify a seemingly unimportant file, but the system actually writes changes to a critical file instead.

When developers use these AI assistants to work with compromised code projects, they unknowingly grant permission for harmful modifications to their computers. The fake 7-Zip installers mentioned in reports represent just one example of how attackers exploit this flaw. Once installed, this software silently transforms the victim's computer into a residential proxy node—essentially turning the device into an unwitting relay point for internet traffic.

How the Attack Actually Works

Think of it like misdirection at a restaurant. A magician asks permission to take a coin from your left pocket while actually reaching into your right pocket. In this case, the AI coding assistant shows the developer what appears to be a harmless file modification request. The developer approves it, trusting the tool they use daily. Behind the scenes, however, the malicious code redirects the write operation to a sensitive system file that controls how the computer functions.

Six different AI coding assistants were found vulnerable to this technique, meaning millions of developers could potentially be affected if attackers actively exploit this weakness.

What This Means

When your computer becomes a residential proxy node, cybercriminals can route their internet traffic through your machine. This serves several criminal purposes:

The worst part? You might never know your computer was compromised. The software runs invisibly in the background while you work.

Why You Should Care

If you're a developer: Your machine contains sensitive information—client projects, proprietary code, personal files, and login credentials. A compromised system puts all of this at risk. Law enforcement could potentially trace illegal activity back to your internet connection, creating serious legal headaches even though you're the victim.

If you're not a developer: This attack pattern could spread to other professional tools you rely on. The vulnerability reveals a broader risk: AI assistants designed to modify files can be tricked into modifying the wrong files. Similar tricks could work on other software.

What You Can Do

This discovery serves as a reminder that even convenient, intelligent tools can become attack vectors when developers aren't vigilant about security.

📎 This is original ITVedas reporting. This story was inspired by coverage from source. Visit the source for their original reporting.

Want to understand the technology behind this story? ITVedas has beginner-friendly guides on every IT topic.

Explore IT Chapters →