Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware
Summary
Researchers have discovered 73 fake Visual Studio Code extensions on the Open VSX repository that are part of the GlassWorm campaign. Six of these extensions have been confirmed as malicious, actively stealing information from users.
IFF Assessment
FOE
The discovery of malicious extensions impersonating legitimate tools represents a direct threat to developers and their systems, facilitating information theft.
Defender Context
Defenders should be aware of the risks associated with installing extensions from unofficial or less reputable marketplaces. It's crucial to verify the authenticity of any VS Code extension and to monitor for unusual network activity or data exfiltration that might indicate a compromise.