What Are Malicious VSC Extensions?
Malicious VSC extensions are exactly what they sound like.
VSC extensions in themselves aren’t the problem here.
Yadullah Abidi/MakeUseOf
In a world wherescammers can even use your face to commit fraud, it’s best to stay cautious.
The image also perfectly illustrates why malware on the VSC marketplace is an issue.
Almost anyone can upload an extension and point its information wherever they want, be that false or malicious.
AquaSec
How Do Malicious Extensions End Up on the VSC Marketplace?
There are several ways a malicious extension can end up on the VSC marketplace.
However, the two most common methods are as follows.
Pungux/Shutterstock
These are often either loaded with data stealers or other malware and can cause serious harm to your PC.
Even theGoogle Bard app was distributed as malwareusing the same approach.
Why Doesnt Microsoft Do Something About Malicious Extensions?
Microsoft has implemented several security measures on the VSC Extensions Marketplace to ensure malicious extensions stay under check.
The marketplace also has typosquatting countermeasures to prevent malicious extensions from impersonating official publishers like RedHat and Microsoft itself.
However, despite these countermeasures, malicious extensions are still rampant in the marketplace.
The nature of VSC also plays an important part here.
VSC was built to open all sorts of files, execute various commands, and create child processes.
Hence EDRs can’t always understand if the scanned activity from VSC is legitimate developer activity or malicious code.
There are a lot of misleading and harmful extensions still available for download on the VSC marketplace.
