A malicious VS Code extension named 'ClawdBot Agent' was discovered impersonating the viral AI assistant Clawdbot. The extension works as a fully functional AI coding tool while, on Windows machines, silently deploying a weaponized ScreenConnect remote access client at startup. The extension fetches a configuration from a C2 server that points it to a pre-configured ScreenConnect installer, which phones home to attacker-controlled infrastructure. As a backup, a Rust-based DWrite.dll sideloading loader fetches the same payload from Dropbox, disguised as a Zoom update. Three layers of fallback delivery (the dynamic config, hardcoded URLs in the extension's JavaScript, and a PowerShell batch script) mean the payload is still delivered if any one channel fails. The extension has been removed from the VS Code Marketplace. Detailed IOCs, remediation steps, and file hashes are provided for affected developers.

From aikido.dev (9 min read)
Table of contents of the original post:
What is Clawdbot?
The Malicious Code
The Payload Delivery
Inside DWrite.dll: A Rust-Based Loader
Redundancy, Redundancy, Redundancy
The Infrastructure
What Makes This Attack Effective
Remediation & Detection
Indicators of Compromise
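The detection side of the write-up summarized above (its "Remediation & Detection" section) comes down to four questions on a Windows developer workstation: is the extension installed and does it activate at startup, is a ScreenConnect client service present and where does it call home, is there a DWrite.dll sitting somewhere it can be sideloaded, and does any extension JavaScript carry the hardcoded fallback channels. The following PowerShell triage script is an added example, not code from the Aikido write-up or from the malicious extension; the extension path, the `ScreenConnect Client*` service-name pattern, the search roots, and the string patterns are assumptions for illustration, not IOCs taken from the article.

```powershell
# Added triage script, not from the Aikido write-up or the malicious extension.
# Assumptions (not IOCs from the article): VS Code keeps user extensions under
# %USERPROFILE%\.vscode\extensions; the ScreenConnect client registers a Windows
# service named "ScreenConnect Client (<id>)"; a sideloaded DWrite.dll is one that
# lives outside the Windows directory.

$extRoot = Join-Path $env:USERPROFILE '.vscode\extensions'

# 1. Installed extensions whose manifest references Clawdbot, with their
#    activation events ("*" means the extension runs as soon as VS Code starts).
$suspectExtensions = Get-ChildItem -Path $extRoot -Directory -ErrorAction SilentlyContinue |
    ForEach-Object {
        $manifest = Join-Path $_.FullName 'package.json'
        if (Test-Path $manifest) {
            $pkg = Get-Content -Path $manifest -Raw | ConvertFrom-Json
            if ("$($pkg.name) $($pkg.displayName) $($pkg.publisher)" -match 'clawd') {
                [pscustomobject]@{
                    Folder     = $_.Name
                    Publisher  = $pkg.publisher
                    Activation = ($pkg.activationEvents -join ', ')
                }
            }
        }
    }
$suspectExtensions | Format-Table -AutoSize

# 2. ScreenConnect client services. The PathName normally carries the relay
#    host in its h= query parameter, which is where the client phones home.
Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.Name -like 'ScreenConnect Client*' } |
    Select-Object Name, State, StartMode, PathName |
    Format-List

# 3. DWrite.dll copies outside %SystemRoot% (DLL sideloading candidates). The
#    search roots are the user-writable locations a dropper typically uses.
$searchRoots = @($env:LOCALAPPDATA, $env:APPDATA, $env:ProgramData, $env:TEMP) | Where-Object { $_ }
Get-ChildItem -Path $searchRoots -Recurse -Filter 'DWrite.dll' -File -ErrorAction SilentlyContinue |
    Where-Object { $_.FullName -notlike "$($env:SystemRoot)\*" } |
    Select-Object FullName, Length, LastWriteTime

# 4. Extension JavaScript that mentions ScreenConnect, a Dropbox download, or
#    launches PowerShell: the hardcoded-URL and batch-script fallback channels.
Get-ChildItem -Path $extRoot -Recurse -Include '*.js' -File -ErrorAction SilentlyContinue |
    Select-String -Pattern 'ScreenConnect|dropbox\.com|powershell' -List |
    Select-Object Path, LineNumber, Line
```

Run it from a normal (non-elevated) PowerShell prompt on the affected account, since both the extension directory and the user-writable search roots are per-user; run the service check again elevated if the first pass returns nothing, because some hosts hide service PathName fields from standard users. A hit in step 2 or 3 is a confirmed foothold rather than a suspicion, so compare the file hashes against the IOC list in the original post before cleaning up.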
