Beware of Malicious VSCode Extensions Stealing Passwords and Enabling Backdoors

May 17, 2023 at 04:37 PM

•

1 min read

Beware of Malicious VSCode Extensions Stealing Passwords and Enabling Backdoors — Photo: BleepingComputer

TL;DR Summary

Malicious extensions were uploaded to Microsoft's VSCode Marketplace, which were downloaded 46,600 times by Windows developers. The malware enabled threat actors to steal credentials, system information, and establish a remote shell on the victim's machine. While the extensions were removed, developers must manually remove them from their systems and run a complete scan to detect any remnants of the infection. Users are advised to only install extensions from trusted publishers with many downloads and community ratings, read user reviews, and always inspect the extension's source code before installing it.

Topics:technology #cybercrime #cybersecurity #malware #microsoft #software-repositories #vscode

Share this article

Malicious Microsoft VSCode extensions steal passwords, open remote shells BleepingComputer
VSCode Security: Malicious Extensions Detected- More Than 45,000 Downloads- PII Exposed, and Backdoors Enabled Check Point Blog
View Full Coverage on Google News

Reading Insights

Total Reads

Unique Readers

Time Saved

2 min

vs 3 min read

Condensed

84%

550 → 89 words

Want the full story? Read the original article

Read on BleepingComputer

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights