The tool of artificial intelligence coding favored by the Crypto Exchange Coinbase’s preferences has a weakness that allows hackers to quietly inject malware and “spread themselves in an organization,” said a cybersecurity company.
Hiddenlayer reported On Thursday that a “Copypasta License” attack could hide malicious instructions on standard developer files to “introduce deliberate weaknesses in codebases that were otherwise safe.”
“By convincing the underlying model that our payload is actually an important license file that should be included as a feedback to each agent -edited file, we can quickly distribute immediate injection throughout the codebases with little effort,” he added.
The hidden predominantly tested the virus in the cursor, a coding tool enabled by AI that Coinbase Engineering team Says In August is the preferred tool For most of its developers and used by “every Coinbase Engineer” in February.
The coding tools of AI Windsurf, Kiro, and Aider are also shown to be weak to attack, according to Hiddenlayer.
Copypasta is hiding in standard files
Hiddenlayer explained that copypasta attacks place hidden instructions, or “injections prompts,” in licensed files.txt and readme.md that may direct AI coding tools without knowing a user.
The virus, or the prompt injection for AI, is hidden in a Markdown comment – text within a readme file used for adding explanations or notes that are not displayed when it has been rendered in its final format.
The Hiddenlayer created a code repository with a virus and asked that cursor use it, and hidden instructions found it to copy the prompt injection into the new files it created.
“This mechanism can be adjusted to achieve more bad results,” the company said.
“The injected code can be a backdoor, quiet exfiltrate sensitive data, introduce operations that draining the resource that sinks systems, or manipulate critical files to interrupt development and labor environments,” Hiddenlayer added. “All while buried deeply inside the files to avoid immediate discovery.”
Coinbase’s boss has fallen for “crazy” AI use
This came after CEO of Coinbase CEO Brian Armstrong on Wednesday that AI had written Up to 40% of its code And want to expand it to 50% next month, which motivates the backlash.
“It’s a giant red flag for any security sensitive business,” Says Decentralized Exchange Dango Founder Larry Lyu.
“Software company leaders: Don’t do this. AI is a tool, but ordering its use to a certain level is crazy,” Says Carnegie Mellon University Computer Science Professor Jonathan Aldrich. “I have no interest in using Coinbase, but even though I did, I certainly didn’t trust it with my money after seeing it.”
Delphi consulting head, ashwath balakrishnan, Called Coinbase’s goal of the “Performative and Vague” and instead focus on “new features and repairing existing bugs,” while longtime bitcoiner Alex Pilař Says The exchange is a major crypto career who “should prioritize security.”
Coinbase uses AI in “less sensitive data backends”
However, Armstrong said in his post that the AI-Generated Code “needs to be reviewed and understood” and not all exchange areas can be used, but it should be used “responsible as we can.”
Related: Criminals are ‘Vibe Hacking’ with AI at the uninterrupted levels: Anthropic
The Coinbase Engineering team’s post said the AI’s adoption was the deepest of teams working on user interfaces and “less sensitive data,” while the “complex and system-critical exchange systems” saw a slower uprising.
The team added that using AI for coding “is not a magic-bullet that we should expect that teams to adopt worldwide.”
Armstrong stabbed Devs Shirked Ai
Armstrong Says In stripe’s co-founder John Collison’s co-founder last month he fired engineers who did not try AI tools after buying Coinbase licenses for cursor and Github Copilot.
He said it was said that it would take months for engineers to use AI, admitting that he had “went to Rogue” and told all engineers that they were ordered tools.
“I said, ‘AI is important. We need you to know it and at least ride. You don’t have to use it every day until we conduct training, but at least onboard by the weekend, and if not, I have a meeting on Saturday to everyone who has never been done, and I want to meet you to understand why,” he said.
At the meeting, Armstrong said there were some engineers who did not use AI and did not show a good reason why, and “they fired,” admitted that it was a “heavy approach” that “some people really didn’t like.”
Ai eye: All hated the GPT-5, AI shows social media not to be repaired
