#open-vsx

[ follow ]
#supply-chain-attack #glassworm #macos-credential-theft #etherhiding #supply-chain #vs-code-forks
Information security
fromThe Hacker News
2 days ago

Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm

A supply-chain compromise of a legitimate Open VSX developer allowed malicious GlassWorm loader updates to be published, risking macOS credentials and cryptocurrency wallet theft.
Information security
fromThe Hacker News
4 weeks ago

VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX

AI-powered VS Code forks recommend non-existent Open VSX extensions, enabling attackers to register those namespaces and publish malicious packages that compromise developers.
fromThe Hacker News
3 months ago

Malicious VSX Extension "SleepyDuck" Uses Ethereum to Keep Its Command Server Alive

In the latest instance detected by the enterprise extension security firm, the malware is triggered when a new code editor window is opened or a .sol file is selected. Specifically, it's configured to find the fastest Ethereum Remote Procedure Call (RPC) provider to connect to in order to obtain access to the blockchain, initialize contact with a remote server at "sleepyduck[.]xyz" (hence the name) via the contract address " 0xDAfb81732db454DA238e9cFC9A9Fe5fb8e34c465," and kicks off a polling loop that checks for new commands to be executed on the host every 30 seconds.
Information security
[ Load more ]