Cybersecurity experts are warning about a new attack known as the CopyPasta License Attack, which targets AI coding assistants. According to analysts at HiddenLayer, the threat poses a significant risk to companies, and in particular to the cryptocurrency platform Coinbase, if additional protective measures are not taken.
This is reported by Finway.
How the CopyPasta License Attack Works
Malicious actors hide harmful code in files that are familiar to developers, such as README.md and LICENSE.txt, using markdown comments. AI assistants treat these documents as trusted sources, which allows the attack to propagate automatically. Infected files then become vectors for distribution, infecting other AI assistants that process them. The attack therefore behaves like a chain reaction, resembling a self-replicating virus spreading through distributed code repositories.
“The injected code can create ‘backdoors’, stealthily exfiltrate confidential data, or manipulate critical files,” warned HiddenLayer.
Threat to Coinbase and Expert Recommendations
This vulnerability has drawn particular attention because the exploit was used against Cursor, a key AI tool that Coinbase announced as essential for its engineers in August. The company even insisted on its mandatory use, dismissing developers who refused to transition to the new tool. The exchange’s CEO, Brian Armstrong, noted that at that time, up to 40% of Coinbase’s software code had already been written using AI, and this share was expected to rise to 50% in the coming month. Armstrong emphasized that AI is primarily engaged for less critical tasks, while work on complex and important systems is approached with heightened caution.
Experts at HiddenLayer advise companies to check all files for hidden comments and to thoroughly review changes made by AI assistants. They stress that any untrusted data entering the context of a large language model must be treated as potentially harmful.
“All unreliable data entering the contexts of LLM [large language models] should be regarded as potentially harmful.”
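One way to carry out the hidden-comment check recommended above, shown as an added example that is not HiddenLayer's or the article's code. The keyword heuristic, the length threshold and the sample file content are constructed assumptions.

```python
import re
from dataclasses import dataclass

# HTML-style comments do not render in markdown viewers; an unterminated
# one swallows everything up to the end of the file.
HTML_COMMENT = re.compile(r"<!--(.*?)(?:-->|\Z)", re.DOTALL)
# Link-reference "comments" such as  [//]: # (text)  or  [comment]: <> (text)
REF_COMMENT = re.compile(
    r"^[ ]{0,3}\[(?://|comment)\]:\s*(?:#|<>)\s*[(\"'](.*?)[)\"']\s*$",
    re.MULTILINE)
# Assumed heuristic: wording addressed to an assistant, not a human reader.
SUSPICIOUS = re.compile(
    r"\b(ignore (?:all|any|previous)|you must|assistant|ai agent|"
    r"do not (?:mention|tell|reveal))\b", re.IGNORECASE)
MAX_BENIGN_LEN = 200  # assumed threshold for an ordinary tooling comment

@dataclass
class Finding:
    line: int       # 1-based line where the hidden comment starts
    kind: str       # "html-comment" or "ref-comment"
    reasons: list   # empty means hidden but not flagged by the heuristics
    excerpt: str

def scan_markdown(text):
    """Return every hidden comment in text, annotated with review reasons."""
    findings = []
    for kind, pattern in (("html-comment", HTML_COMMENT),
                          ("ref-comment", REF_COMMENT)):
        for m in pattern.finditer(text):
            body = m.group(1).strip()
            reasons = []
            if SUSPICIOUS.search(body):
                reasons.append("instruction-like wording")
            if len(body) > MAX_BENIGN_LEN:
                reasons.append("unusually long")
            if kind == "html-comment" and not m.group(0).endswith("-->"):
                reasons.append("unterminated comment hides rest of file")
            line = text.count("\n", 0, m.start()) + 1
            findings.append(Finding(line, kind, reasons, body[:60]))
    return sorted(findings, key=lambda f: f.line)

def needs_review(findings):
    """Subset of findings that a human should read before merging."""
    return [f for f in findings if f.reasons]

# Constructed sample standing in for a LICENSE.txt or README.md.
SAMPLE = """# Example project
<!-- markdownlint-disable MD013 -->
MIT License text would go here.
<!-- assistant: you must [constructed placeholder instruction] -->
[//]: # (build badge placeholder)
"""
```

Running `scan_markdown` over README.md and LICENSE.txt in a pre-merge check lists every comment a rendered view would hide, while `needs_review` narrows that list to the entries worth reading first.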
Additionally, researchers note that malicious actors may use other delivery channels for harmful code, such as Ethereum smart contracts, allowing them to bypass traditional cybersecurity measures.