Malicious VSCode extensions on Microsoft’s registry drop infostealers www.bleepingcomputer.com/news/secu…
Two malicious extensions on Microsoft’s Visual Studio Code Marketplace infect developers' machines with information-stealing malware that can take screenshots, steal credentials and crypto wallets, and hijack browser sessions.
The two malicious extensions, called Bitcoin Black and Codo AI, masquerade as a color theme and an AI assistant, respectively, and were published under the developer name ‘BigBlack.’ At the time of writing, Codo AI was still present in the marketplace, although it counted fewer than 30 downloads. Bitcoin Black’s counter showed only one install.