Developers targeted by malicious Microsoft VSCode extensions




  • Reversing Labs and Assaraf discover campaign targeting software and web3 devs
  • Multiple packages were hiding weaponized code that deploys stage-two malware
  • The malicious intent was very difficult to spot

Software developers, especially those working on web3 and cryptocurrency projects, are being targeted in a brand new software supply chain attack, experts have claimed.

Security researcher Amit Assaraf published a new blog post outlining how he had observed dozens of malicious Visual Studio Code extensions on the VSCode marketplace designed to download well-hidden second-stage payloads from shady domains (some in Russia).



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *