Definition
A class of malware specifically designed to harvest authentication tokens, API keys, and configuration files used by AI development tools, MCP servers, and cloud services rather than targeting traditional passwords alone. Examples such as the Djinn Stealer (2026) explicitly target AI tool credentials, MCP tokens, and LLM API keys, because these grant access to AI infrastructure, training data, and downstream enterprise systems without triggering traditional credential-monitoring alerts. Stolen AI developer tokens can give attackers access to model training pipelines, proprietary datasets, and production AI deployments.
Why it matters
AI development credentials are high-value targets that unlock far more than a single account: a stolen MCP token or LLM API key can provide persistent access to an organisation's entire AI stack, including the ability to exfiltrate models, poison training data, or impersonate the organisation's AI services.