Malicious code in millions of installs traced to Microsoft Visual Studio

Share post:

A group of Israeli researchers found thousands of potentially harmful extensions on the Visual Studio Code (VSCode) Marketplace, with some having millions of downloads. The researchers created a fake extension mimicking the popular ‘Dracula Official’ theme, dubbed ‘Darcula’, which included risky code to collect system information. This extension was downloaded by multiple high-value targets, including a publicly listed company and major security firms.

Using a custom tool called ‘ExtensionTotal’, the researchers discovered 1,283 extensions with known malicious code, 8,161 communicating with hardcoded IP addresses, and 1,452 running unknown executables. Despite reporting these findings to Microsoft, many of these extensions remained available for download as little as a day ago.

The researchers warn that the lack of stringent security controls on the VSCode Marketplace poses a significant threat to organizations.



Related articles

How your smart TV is watching you. Hashtag Trending for Monday, June 17th, 2024

Hashtag Trending is brought you with the generous sponsorship of Zoho Canada. We thank them for making it...

London hospitals cancel over 800 operations after ransomware attack

NHS England disclosed today that a recent ransomware attack on Synnovis has led to the cancellation of hundreds...

Microsoft cancels universal Recall release in favor of Windows Insider preview

Microsoft has decided to cancel the wide release of Recall, the controversial tool for Copilot+ PCs, and instead...

OpenAI’s revenue soars with subscription-based ChatGPT and developer integrations

There are reports that OpenAI has been been experiencing impressive financial growth. The Information reported that the company's...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways