Likelihood: MODERATE
Impact: HIGH
Treatment: MITIGATE
Confidence: Moderate
Likelihood is moderate because exploitation is unconfirmed but distribution through official JetBrains and Chrome channels lowers the trust barrier, and developers routinely install AI-themed tooling without deep vetting — passive credential harvesting requires no active exploitation post-install. Impact is high because stolen AI API keys produce immediate, metered financial loss before detection, and co-mingled proprietary code and session data in adversary hands creates compounding intellectual-property and potential regulatory exposure.
Treatment rationale: The threat vector — developer workstation software supply chain via official marketplaces — is controllable through approved-extension policy, secrets management, and developer awareness, making active risk reduction the appropriate primary treatment rather than acceptance or transfer.
Third-Party / Supply-Chain Risk
Distribution via JetBrains Marketplace and Chrome Web Store represents a shared-platform supply-chain exposure: the organization inherits trust decisions made by marketplace operators whose vetting processes are outside organizational control. Per NIST SP 800-161, this is a third-party software acquisition risk — the malicious artifact arrives through a trusted distribution channel, bypassing standard perimeter controls. Any developer using organizational credentials or API keys provisioned on a personally managed or lightly controlled device amplifies this exposure across the software supply chain boundary.
Loss Exposure (illustrative)
Magnitude: moderate-to-high — illustrative $50K–$500K per affected organization
Frequency: Illustrative: for an organization with 50+ developers actively using AI tooling and no approved-extension controls, a plausible exposure window of one installed malicious extension per quarter during an active campaign, with credential harvest occurring within days of installation.
Annualized: Illustrative ALE: if one credential-theft event per year is plausible at $50K–$500K loss magnitude, annualized exposure is illustratively $50K–$500K, skewed toward the high end if API keys grant access to high-spend accounts or sensitive codebases.
Basis: Loss magnitude derived from two primary loss drivers: (1) unauthorized LLM API usage — major platforms bill by token consumption and charges can accumulate at scale before rate-limit alerts fire, with high-spend developer accounts representing the upper bound; (2) intellectual-property exposure — proprietary code and business logic shared in AI sessions during the interception window may require legal review, customer notification assessment, and remediation effort, driving the magnitude above the direct API cost alone. Frequency framing reflects that campaign-stage distribution through official channels, combined with developer tendency to install AI tooling opportunistically, makes at least one installation plausible per active campaign cycle for exposed organizations.
Illustrative estimate — not actuarially derived.
Insurance / Contractual / Legal — Potential Obligations
Potential triggers, not legal determinations. Verify with counsel/broker before acting.
• Confirmed theft of proprietary source code or internal business logic shared in AI sessions may invoke trade-secret or confidentiality obligations under customer or partner agreements — verify with counsel.
• If developer credentials provide access to environments processing personal data and a breach of that data is confirmed, state and federal breach-notification obligations may apply — verify with counsel.
• Unauthorized API usage charges and resulting financial loss may fall under cyber-insurance coverage for financial fraud or unauthorized access events — verify with broker before assuming coverage applies.
