TigerJack Campaign Targets Developers with Malicious VSCode Extensions
Summary
The TigerJack campaign continues to target developers with malicious Visual Studio Code (VSCode) extensions, and the extension ecosystem has now also been found to leak access tokens, posing a critical software supply chain risk. The campaign has distributed at least 11 malicious VSCode extensions since the beginning of the year; two of them, C++ Playground and HTTP Format, were removed from VSCode but remain on OpenVSX. These extensions steal cryptocurrency, plant backdoors, and exfiltrate source code. The threat actor republishes the same malicious code under new names, making detection and removal challenging. Developers are advised to be cautious when downloading extensions from these platforms. Separately, over 100 VSCode extensions were found to leak access tokens, allowing attackers to distribute malicious updates. The leaked tokens include AI provider secrets, cloud service provider secrets, and database secrets. Microsoft has revoked the leaked PATs and is adding secret scanning capabilities to enhance security. Organizations are recommended to develop an extension inventory and consider a centralized allowlist for extensions.
Timeline
- 15.10.2025 17:16 · 1 article
Microsoft Revokes Leaked PATs and Adds Secret Scanning
Microsoft revoked the leaked personal access tokens (PATs) and is adding secret scanning capabilities to block extensions with verified secrets and to notify developers when secrets are detected. The cloud security firm Wiz identified over 550 validated secrets across more than 500 extensions from hundreds of distinct publishers. The 550 secrets fall under 67 distinct types, including AI provider secrets, cloud service provider secrets, and database secrets. The issue highlights the continued risks posed by extensions and plugins, and by the software supply chain more generally.
Sources:
- Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- 15.10.2025 00:35 · 2 articles
TigerJack Campaign Distributes Malicious VSCode Extensions
Since the beginning of the year, TigerJack has distributed at least 11 malicious VSCode extensions. Two extensions, C++ Playground and HTTP Format, were removed from the VSCode marketplace but remain available on OpenVSX. These extensions steal cryptocurrency, plant backdoors, and exfiltrate source code. The threat actor republishes the same malicious code under new names, making detection and removal challenging. The extensions are disguised as legitimate tools and use various techniques to exfiltrate data and mine cryptocurrency. Developers are advised to be cautious when downloading extensions from these platforms. Over 100 VSCode extensions were found to leak access tokens, allowing attackers to distribute malicious updates. The leaked tokens include AI provider secrets, cloud service provider secrets, and database secrets. The extensions that leaked access tokens included themes and other types of extensions. The issue extends to internal or vendor-specific extensions used by organizations.
Sources:
- Malicious crypto-stealing VSCode extensions resurface on OpenVSX — www.bleepingcomputer.com — 15.10.2025 00:35
- Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
Information Snippets
- TigerJack is a threat actor targeting developers with malicious VSCode extensions.
  First reported: 15.10.2025 00:35 · 2 sources, 2 articles
  Sources:
  - Malicious crypto-stealing VSCode extensions resurface on OpenVSX — www.bleepingcomputer.com — 15.10.2025 00:35
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- The campaign has distributed at least 11 malicious VSCode extensions since the beginning of the year.
  First reported: 15.10.2025 00:35 · 2 sources, 2 articles
  Sources:
  - Malicious crypto-stealing VSCode extensions resurface on OpenVSX — www.bleepingcomputer.com — 15.10.2025 00:35
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- Two extensions, C++ Playground and HTTP Format, were removed from VSCode but remain on OpenVSX.
  First reported: 15.10.2025 00:35 · 2 sources, 2 articles
  Sources:
  - Malicious crypto-stealing VSCode extensions resurface on OpenVSX — www.bleepingcomputer.com — 15.10.2025 00:35
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- C++ Playground exfiltrates source code to external endpoints.
  First reported: 15.10.2025 00:35 · 2 sources, 2 articles
  Sources:
  - Malicious crypto-stealing VSCode extensions resurface on OpenVSX — www.bleepingcomputer.com — 15.10.2025 00:35
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- HTTP Format runs a CoinIMP miner in the background using the host’s processing power.
  First reported: 15.10.2025 00:35 · 2 sources, 2 articles
  Sources:
  - Malicious crypto-stealing VSCode extensions resurface on OpenVSX — www.bleepingcomputer.com — 15.10.2025 00:35
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- Some extensions fetch and execute JavaScript code from a hardcoded address every 20 minutes.
  First reported: 15.10.2025 00:35 · 2 sources, 2 articles
  Sources:
  - Malicious crypto-stealing VSCode extensions resurface on OpenVSX — www.bleepingcomputer.com — 15.10.2025 00:35
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- TigerJack operates as a coordinated multi-account operation with credible backgrounds.
  First reported: 15.10.2025 00:35 · 2 sources, 2 articles
  Sources:
  - Malicious crypto-stealing VSCode extensions resurface on OpenVSX — www.bleepingcomputer.com — 15.10.2025 00:35
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- OpenVSX has not responded to reports of the malicious extensions.
  First reported: 15.10.2025 00:35 · 1 source, 1 article
  Sources:
  - Malicious crypto-stealing VSCode extensions resurface on OpenVSX — www.bleepingcomputer.com — 15.10.2025 00:35
- Over 100 Visual Studio Code (VS Code) extensions leaked access tokens, posing a critical software supply chain risk.
  First reported: 15.10.2025 17:16 · 1 source, 1 article
  Sources:
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- The leaked tokens could allow attackers to distribute malicious updates across the entire install base.
  First reported: 15.10.2025 17:16 · 1 source, 1 article
  Sources:
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- Wiz security researcher Rami McCarthy identified over 550 validated secrets across more than 500 extensions.
  First reported: 15.10.2025 17:16 · 1 source, 1 article
  Sources:
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- The secrets included AI provider secrets, cloud service provider secrets, and database secrets.
  First reported: 15.10.2025 17:16 · 1 source, 1 article
  Sources:
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- More than 100 extensions leaked VS Code Marketplace PATs, accounting for over 85,000 installs.
  First reported: 15.10.2025 17:16 · 1 source, 1 article
  Sources:
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- Another 30 extensions with a cumulative install base of at least 100,000 leaked Open VSX Access Tokens.
  First reported: 15.10.2025 17:16 · 1 source, 1 article
  Sources:
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- The extensions that leaked access tokens included themes and other types of extensions.
  First reported: 15.10.2025 17:16 · 1 source, 1 article
  Sources:
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- The issue extends to internal or vendor-specific extensions used by organizations.
  First reported: 15.10.2025 17:16 · 1 source, 1 article
  Sources:
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- Microsoft revoked the leaked PATs and is adding secret scanning capabilities to block extensions with verified secrets.
  First reported: 15.10.2025 17:16 · 1 source, 1 article
  Sources:
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- VS Code users are advised to limit the number of installed extensions and scrutinize them before downloading.
  First reported: 15.10.2025 17:16 · 1 source, 1 article
  Sources:
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- Organizations are recommended to develop an extension inventory and consider a centralized allowlist for extensions.
  First reported: 15.10.2025 17:16 · 1 source, 1 article
  Sources:
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- The TigerJack campaign involved sophisticated extensions that steal source code, mine cryptocurrency, and establish remote backdoors.
  First reported: 15.10.2025 17:16 · 1 source, 1 article
  Sources:
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- The extensions C++ Playground and HTTP Format attracted over 17,000 downloads before their takedown.
  First reported: 15.10.2025 17:16 · 1 source, 1 article
  Sources:
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- The C++ Playground extension captures keystrokes to steal C++ source code files.
  First reported: 15.10.2025 17:16 · 1 source, 1 article
  Sources:
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- The HTTP Format extension runs the CoinIMP miner to mine cryptocurrency.
  First reported: 15.10.2025 17:16 · 1 source, 1 article
  Sources:
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- Three other extensions published by TigerJack can act as backdoors by downloading and running arbitrary JavaScript from an external server every 20 minutes.
  First reported: 15.10.2025 17:16 · 1 source, 1 article
  Sources:
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- The extensions started as benign tools before malicious modifications were introduced.
  First reported: 15.10.2025 17:16 · 1 source, 1 article
  Sources:
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
- Microsoft has a multi-step process to keep the VS Code marketplace free of malware, but these protections do not apply to other registries like Open VSX.
  First reported: 15.10.2025 17:16 · 1 source, 1 article
  Sources:
  - Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks — thehackernews.com — 15.10.2025 17:16
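The inventory-and-allowlist recommendation above, and the secret-scanning point from the same reporting, as an added example that is not part of the coverage summarized here and not Microsoft's, Wiz's or any marketplace's own tooling. It reads the `package.json` manifest of each folder under a VS Code extensions directory (the real layout is `<publisher>.<name>-<version>/package.json`), lists every extension whose `publisher.name` id is not on a central allowlist, and flags credential-shaped assignments with a high-entropy value in the extension's files. The allowlist entries, the credential regex, the entropy threshold and the three sample extensions (including the constructed `api_key` value) are assumptions made for this demonstration, not a vendor token format.

```python
"""Added example: inventory installed VS Code extensions, check them against an
allowlist, and flag credential-looking strings in their files.
All extension names, the allowlist and the sample secret are constructed."""
from __future__ import annotations

import json
import math
import re
import tempfile
from pathlib import Path

# Hypothetical central allowlist of approved "publisher.name" identifiers.
ALLOWLIST = {"ms-python.python", "acme.internal-linter"}

# Constructed heuristic: a credential-named key assigned a long token-like value.
# This is NOT any provider's real token format; it is a generic shape.
SECRET_ASSIGNMENT = re.compile(
    r'(?i)(token|secret|password|api[_-]?key|pat)\s*[:=]\s*["\']?([A-Za-z0-9_\-]{20,})'
)


def shannon_entropy(s: str) -> float:
    """Bits per character: random tokens score high, words and paths score low."""
    counts = {c: s.count(c) for c in set(s)}
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())


def inventory(ext_root: Path) -> list[dict]:
    """One record per extension folder whose package.json can be parsed."""
    records = []
    for manifest in sorted(ext_root.glob("*/package.json")):
        try:
            meta = json.loads(manifest.read_text(encoding="utf-8"))
        except (OSError, json.JSONDecodeError):
            continue  # unreadable manifest: skip, but a real tool should report it
        records.append({
            "id": f"{meta.get('publisher', '?')}.{meta.get('name', '?')}",
            "version": meta.get("version", "?"),
            "path": str(manifest.parent),
        })
    return records


def not_allowlisted(records: list[dict], allowlist=ALLOWLIST) -> list[str]:
    """Extension ids present on the host but absent from the allowlist."""
    return sorted(r["id"] for r in records if r["id"] not in allowlist)


def find_secret_candidates(ext_root: Path, min_entropy: float = 3.5) -> list[tuple[str, str]]:
    """(relative file, key name) pairs where a credential-named key holds a high-entropy value."""
    hits = []
    for path in ext_root.rglob("*"):
        if path.suffix not in {".json", ".js", ".env", ".txt"} or not path.is_file():
            continue
        text = path.read_text(encoding="utf-8", errors="replace")
        for m in SECRET_ASSIGNMENT.finditer(text):
            if shannon_entropy(m.group(2)) >= min_entropy:
                hits.append((str(path.relative_to(ext_root)), m.group(1)))
    return hits


def build_sample_tree() -> Path:
    """Constructed fixture: three extension folders under a temporary directory."""
    root = Path(tempfile.mkdtemp())
    fixtures = {
        "ms-python.python-2025.1.0": ({"publisher": "ms-python", "name": "python", "version": "2025.1.0"}, None),
        "acme.internal-linter-0.3.1": ({"publisher": "acme", "name": "internal-linter", "version": "0.3.1"}, None),
        "unknown.cpp-helper-1.0.0": (
            {"publisher": "unknown", "name": "cpp-helper", "version": "1.0.0"},
            # Constructed credential-shaped value; not a real token of any service.
            'const config = { api_key: "q7Zp2Lm9Xv4Rt8Hw1Kc6Nb3Jd5Fg0Ys" };\n',
        ),
    }
    for folder, (meta, extra) in fixtures.items():
        d = root / folder
        d.mkdir()
        (d / "package.json").write_text(json.dumps(meta), encoding="utf-8")
        if extra:
            (d / "extension.js").write_text(extra, encoding="utf-8")
    return root


if __name__ == "__main__":
    # Point this at ~/.vscode/extensions on a real host; the fixture is used here.
    root = build_sample_tree()
    records = inventory(root)
    print("installed:", [(r["id"], r["version"]) for r in records])
    print("not on allowlist:", not_allowlisted(records))
    print("secret candidates:", find_secret_candidates(root))
```

The allowlist is keyed on `publisher.name`, which is what the marketplace treats as the extension identity; a name-only match would let a look-alike from another publisher through. The secret heuristic is deliberately coarse and will produce false positives on things like signing keys embedded by design, so treat its output as a triage list, not a verdict.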
Similar Happenings
FileFix Attack Evolves with Cache Smuggling Technique
A new variant of the FileFix social engineering attack uses cache smuggling to evade security software. This technique involves hiding a malicious ZIP archive within a browser's cache to bypass detection. The attack impersonates a Fortinet VPN Compliance Checker and tricks users into executing a PowerShell script through the Windows File Explorer address bar. The script extracts the malicious payload from the cache and executes it. This new variant was first observed by cybersecurity researcher P4nd3m1cb0y and detailed by Marcus Hutchins of Expel. The attack has been adopted by various threat actors, including ransomware groups. Additionally, a new ClickFix kit called the IUAM ClickFix Generator has been discovered, which automates the creation of ClickFix-style lures.
WhiteCobra targets VSCode users with crypto-stealing extensions
A threat actor named WhiteCobra has targeted users of Visual Studio Code (VSCode), Cursor, and Windsurf by uploading 24 malicious extensions to the Visual Studio marketplace and the Open VSX registry. The extensions are designed to steal cryptocurrency. The campaign is ongoing, with the threat actor continuously replacing removed extensions with new malicious ones. Core Ethereum developer Zak Cole reported that his wallet was drained after using a seemingly legitimate extension for the Cursor code editor. The extensions appear legitimate due to professionally designed icons, detailed descriptions, and inflated download counts. WhiteCobra previously conducted a $500,000 crypto-theft campaign in July using a fake extension for the Cursor editor.
TA415 (APT41) Abuses Velociraptor Forensic Tool for C2 Tunneling via Visual Studio Code
Unknown threat actors, identified as TA415 (APT41), deployed the open-source Velociraptor forensic tool to download and execute Visual Studio Code, likely for command-and-control (C2) tunneling. The attack leveraged legitimate software and Windows utilities to minimize malware deployment and maintain a foothold in the target environment. The attackers used Cloudflare Workers domains for staging and additional payloads, and the incident highlights the evolving tactics of threat actors using legitimate tools for malicious purposes. The attack began with the use of the Windows msiexec utility to download an MSI installer from a Cloudflare Workers domain. Velociraptor was then used to establish contact with another Cloudflare Workers domain, facilitating the download and execution of Visual Studio Code with tunneling capabilities. This allowed for remote access and code execution, potentially leading to further malicious activities such as ransomware deployment. The phishing campaign targeted US government, think tank, and academic organizations involved in US-China relations, economic policy, and international trade. The attackers impersonated the US-China Business Council and John Moolenaar, Chair of the Select Committee on Strategic Competition between the US and the Chinese Communist Party. The phishing messages contained links to password-protected archives hosted on cloud services, which included a shortcut (LNK) file and a hidden subfolder. Launching the LNK file executed a batch script that downloaded the VSCode Command Line Interface (CLI) from Microsoft’s servers, created a scheduled task for persistence, and established a VS Code remote tunnel authenticated via GitHub. The script also collected system information and the contents of various user directories, sending it to the attackers. The script sent a VS Code remote tunnel verification code, allowing the attackers to access the victim’s computer remotely and execute arbitrary commands. 
The incident underscores the importance of monitoring for unauthorized use of legitimate tools and implementing robust endpoint detection and response systems to mitigate such threats.
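The monitoring point in the paragraph above, as an added example that is not part of the reporting on this page and not Velociraptor's or VS Code's own tooling: a small detection pass over process-creation events that flags the two observable steps the summary names, the VS Code CLI starting a remote tunnel and a scheduled task whose action launches that tunnel, and escalates a host where both occur. The event fields (`host`, `image`, `parent_image`, `command_line`), the sample events and the rule names are assumptions made for this demonstration; `code tunnel` itself is the real CLI subcommand.

```python
"""Added example: detect VS Code remote-tunnel start and scheduled-task persistence
in constructed process-creation events. Event shape and samples are assumptions."""
import re

# Constructed telemetry, not real events. Event 2 and 3 are the suspicious pair.
SAMPLE_EVENTS = [
    {"host": "WS01", "image": r"C:\Program Files\Microsoft VS Code\Code.exe",
     "parent_image": r"C:\Windows\explorer.exe",
     "command_line": r'"C:\Program Files\Microsoft VS Code\Code.exe" --folder-uri file:///C:/src'},
    {"host": "WS01", "image": r"C:\Users\dev\AppData\Local\vscode-cli\code.exe",
     "parent_image": r"C:\Windows\System32\cmd.exe",
     "command_line": r"C:\Users\dev\AppData\Local\vscode-cli\code.exe tunnel"},
    {"host": "WS01", "image": r"C:\Windows\System32\schtasks.exe",
     "parent_image": r"C:\Windows\System32\cmd.exe",
     "command_line": r'schtasks.exe /create /tn "Updater" /sc onlogon /tr "C:\Users\dev\AppData\Local\vscode-cli\code.exe tunnel"'},
    {"host": "WS02", "image": r"C:\Windows\System32\schtasks.exe",
     "parent_image": r"C:\Windows\System32\cmd.exe",
     "command_line": r'schtasks.exe /create /tn Backup /sc daily /tr "robocopy C:\src D:\bak"'},
]

TOKEN = re.compile(r'"([^"]*)"|(\S+)')
CLI_NAMES = {"code.exe", "code"}
RULE_TUNNEL = "vscode_tunnel_start"
RULE_TASK = "scheduled_task_runs_vscode_tunnel"


def tokenize(cmd: str) -> list:
    """Split a Windows-style command line, keeping double-quoted segments intact."""
    return [m.group(1) if m.group(1) is not None else m.group(2) for m in TOKEN.finditer(cmd)]


def basename(path: str) -> str:
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def evaluate(event: dict) -> list:
    """Return the rule names this single event triggers (possibly none)."""
    rules = []
    image = basename(event["image"])
    args = tokenize(event["command_line"])[1:]  # drop argv[0]
    lowered = [a.lower() for a in args]
    # Rule 1: the VS Code CLI itself starting a tunnel.
    if image in CLI_NAMES and lowered[:1] == ["tunnel"]:
        rules.append(RULE_TUNNEL)
    # Rule 2: schtasks /create whose /tr action launches the CLI with "tunnel".
    if image == "schtasks.exe" and "/create" in lowered:
        for flag, value in zip(lowered, args[1:]):
            if flag != "/tr":
                continue
            action = tokenize(value)
            if action and basename(action[0]) in CLI_NAMES and "tunnel" in [a.lower() for a in action[1:]]:
                rules.append(RULE_TASK)
    return rules


def scan(events: list) -> tuple:
    """Per-event findings, plus hosts where tunnel start and persistence both appear."""
    findings = [{"host": e["host"], "parent": basename(e["parent_image"]), "rules": evaluate(e)}
                for e in events]
    per_host = {}
    for f in findings:
        per_host.setdefault(f["host"], set()).update(f["rules"])
    escalated = sorted(h for h, r in per_host.items() if {RULE_TUNNEL, RULE_TASK} <= r)
    return findings, escalated


if __name__ == "__main__":
    findings, escalated = scan(SAMPLE_EVENTS)
    for f in findings:
        if f["rules"]:
            print(f["host"], f["parent"], f["rules"])
    print("escalated hosts:", escalated)
```

Rule 2 depends on the binary in the task action being named `code.exe`, so a renamed CLI would slip past it; rule 1 keys on the actual process start and catches that case, which is why the two are correlated per host rather than used alone. A legitimate developer starting `code tunnel` interactively will also fire rule 1, so the parent image is carried in each finding to separate an interactive shell from a script-launched chain.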
VS Code Marketplace Extension Name Reuse Vulnerability
A security flaw in the Visual Studio Code Marketplace allows attackers to republish deleted extensions under the same name. The vulnerability was identified after a malicious extension named 'ahbanC.shiba' was found to mimic previously removed extensions. The flaw enables threat actors to reuse names of previously removed extensions, potentially leading to supply chain attacks. The issue arises because, although each extension must have a unique ID, the name field can be reused if an extension is deleted. This behavior does not apply if an extension is merely unpublished. The same vulnerability exists in the Python Package Index (PyPI) repository, where deleted package names can be reused if the distribution file names differ. This flaw poses a significant risk, as popular extensions could be impersonated by malicious actors.
UNC5518 Access-as-a-Service Campaign via ClickFix and Fake CAPTCHA Pages
The FileFix social engineering attack, a variant of the ClickFix family, impersonates Meta account suspension warnings to trick users into installing the StealC infostealer malware. The campaign has evolved over two weeks with different payloads, domains, and lures, indicating an attacker testing and adapting their infrastructure. The FileFix technique, created by red team researcher mr. d0x, uses the address bar in File Explorer to execute malicious commands. The campaign employs steganography to hide a second-stage PowerShell script and encrypted executables inside a JPG image, which is believed to be AI-generated. The StealC malware targets credentials from various applications, cryptocurrency wallets, and cloud services, and can take screenshots of the active desktop. The FileFix attack uses a multilingual phishing site to trick users into executing a malicious command via the File Explorer address bar. The attack leverages Bitbucket to host the malicious components, abusing a legitimate source code hosting platform to bypass detection. The attack involves a multi-stage PowerShell script that downloads an image, decodes it into the next-stage payload, and runs a Go-based loader to launch StealC. The attack uses advanced obfuscation techniques, including junk code and fragmentation, to hinder analysis efforts. The FileFix attack is more likely to be detected by security products due to the payload being executed by the web browser used by the victim. The FileFix attack demonstrates significant investment in tradecraft, with carefully engineered phishing infrastructure, payload delivery, and supporting elements to maximize evasion and impact. The MetaStealer attack, a variant of the ClickFix family, uses a fake Cloudflare Turnstile lure and an MSI package disguised as a PDF to deploy the MetaStealer infostealer malware. The attack involves a multi-stage infection chain that includes a DLL sideloading technique using a legitimate SentinelOne executable. 
The MetaStealer attack targets crypto wallets and other sensitive information, using a combination of social engineering and technical evasion techniques to deploy malware. Previously, threat actors tracked as UNC5518 leveraged a social engineering tactic called ClickFix to deploy the CORNFLAKE.V3 backdoor. The campaign used fake CAPTCHA pages to trick users into executing malicious PowerShell scripts, providing initial access to systems. This access was then monetized by other threat groups, including UNC5774 and UNC4108, which deployed additional payloads. The attack began with users interacting with compromised search results or malicious ads, leading them to fake CAPTCHA pages. Users were then tricked into running a malicious PowerShell command, which downloaded and executed the CORNFLAKE.V3 backdoor. This backdoor supported various payload types and could collect system information, which was transmitted via Cloudflare tunnels to evade detection. CORNFLAKE.V3 is an updated version of CORNFLAKE.V2, featuring host persistence and additional payload support. The campaign also involved the deployment of WINDYTWIST.SEA, a backdoor that supports lateral movement within infected networks.