Malicious VSCode Extensions on Microsoft’s Registry Drop Infostealers

Two malicious extensions in Microsoft's Visual Studio Code Marketplace, named Bitcoin Black and Codo AI, infect developers' computers with malware that can steal credentials, screenshots, and cryptocurrency. Codo AI appears as an AI assistant, while Bitcoin Black masquerades as a color theme. Both can execute harmful scripts and have been flagged by antivirus engines. Microsoft has since confirmed their removal from the marketplace. Developers are advised to only install extensions from reputable sources.

https://www.bleepingcomputer.com/news/security/malicious-vscode-extensions-on-microsofts-registry-drop-infostealers/

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top