{
	"id": "75235e8f-a9bb-43d5-90b3-770cfbdd1b31",
	"created_at": "2026-04-21T02:18:50.727495Z",
	"updated_at": "2026-04-21T02:20:18.231784Z",
	"deleted_at": null,
	"sha1_hash": "4d9ac9e7ac3311652b0cea730a6e217ec167f031",
	"title": "VSCode Security: Malicious Extensions Detected- More Than 45,000 Downloads- PII Exposed, and Backdoors Enabled",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 60625,
	"plain_text": "VSCode Security: Malicious Extensions Detected- More Than 45,000 Downloads- PII Exposed, and Backdoors Enabled\r\nBy gmcdouga\r\nPublished: 2023-05-16 · Archived: 2026-04-21 02:01:32 UTC\r\nHighlights:\r\n1. CloudGuard Spectral detected malicious extensions on the VSCode marketplace\r\n2. Users installing these extensions were enabling attackers to steal PII records and to set up a remote shell on their machines\r\n3. Once detected, we’ve alerted VSCode on these extensions. Soon after notification, they were removed by the VSCode marketplace team.\r\nVSCode (short for Visual Studio Code) is a popular and free source code editor developed by Microsoft. It’s an efficient and customizable coding environment that can support a wide range of programming languages, frameworks, and tools. VSCode has gained much popularity in recent years and has become one of developers’ most popular code editors. One of the main reasons is the VSCode Extensions Marketplace, a central hub where developers can discover and install new extensions to enhance their coding experience. The marketplace includes official Microsoft and third-party extensions developed by the community.\r\nAs of today, the marketplace includes around 50k extensions. VSCode extensions are add-ons that can be installed to upgrade the functionality of the editor. They can be used to add new features, support new programming languages, integrate with external tools and services, and more. Malicious extensions can pose a security risk to users by installing malware, stealing user data, or performing other harmful actions.\r\nTo prevent the distribution of malicious extensions, Microsoft has implemented several security measures for the VSCode Extensions Marketplace, such as automatic extension scanning tools to detect and remove malicious extensions from the marketplace, and user reviews and ratings to identify and report malicious extensions. 
Until now, almost no malicious extensions had been published and detected on the VSCode marketplace.\r\nThreat actors keep searching for new ways to infect users, and open-source code components can be a common source of infections—especially the more common ones. As such, we’ve decided to investigate VSCode extensions in search of malicious ones.\r\nAs part of our analysis, we found and disclosed a few malicious extensions to the VSCode team, with a total count of more than 45K installs. We’ve also found extensions with suspicious code patterns but no clear malicious indicators. Once detected, we disclosed our findings to the VSCode team, and the extensions were removed.\r\nThese continued findings highlight the need to verify every open-source component, not just assume it will be OK.\r\nWe have included details regarding our specific findings below.\r\nhttps://blog.checkpoint.com/securing-the-cloud/malicious-vscode-extensions-with-more-than-45k-downloads-steal-pii-and-enable-backdoors/\r\nPage 1 of 7\n\nThe VSCode extensions marketplace\r\nMalicious Extensions with more than 45,000 Installs\r\nPrettiest java\r\nThe first extension to mention was named ‘prettiest java.’ Based on its short description, it was supposed to be a ‘java helper,’ probably a simple name-squatting attempt, trying to fool users by mimicking the popular Prettier-Java code formatter project. 
Looking into the extension code, we could witness a classic PII stealer code, quite common on the PyPI distribution, searching for local secrets and sending them to the attacker using a Discord webhook.\r\nThe extension description from the VSCode marketplace\r\nTheme Darcula dark\r\nThe next extension to mention was named ‘Theme Darcula dark.’ Based on its description, it was supposed to be ‘an attempt to improve Dracula colors consistency on VS Code, making it more pleasant to the eyes during coding sessions.’ This extension was interesting for two reasons: first, it was quite popular, with more than 45k installs. The second is the malicious code contained within. While the extension was supposed to be a simple theme configuration (no code should be included), it had a simple PII stealer code, which is quite common among NPM malicious packages, sending much metadata regarding the installer settings to a remote machine. Such code shouldn’t exist, especially in an alleged editor theme.\r\nPython-vscode\r\nThe last malicious extension was named ‘python-vscode.’ While the extension didn’t have a description (and therefore most users wouldn’t even notice it or pay attention to it), its relatively high install count indicates it managed to attract VSCode users to download and install it–effectively infecting those installers. An explanation for that is the extension naming, which can fool users into assuming it is a Python development VSCode enabler. Looking into the extension code, we faced an obfuscated statement being injected into the installer machine. 
Interestingly, this code was a common C# shell injector code pattern.\r\nThe extension description from the VSCode marketplace\r\nSnippet from the extension main .js code, injecting obfuscated C# code\r\nProbably the reference malicious code, found on GitHub\r\nSuspicious but not clearly malicious\r\nAs part of our analysis, we came across multiple cases where extensions were using suspicious code patterns but, at the same time, weren’t clearly malicious. The more notable cases were those installing the required packages from private registries (instead of NPM, which can be a way to sneak in malicious packages silently) and those downloading resources from bare IP addresses. Both can theoretically be abused to infect installers but currently don’t seem to include clear evidence that this is the case.\r\nDisclosure\r\nWe disclosed the malicious extensions to VSCode, and soon after, the VSCode marketplace team removed them.\r\nDisclosure – timeline\r\nMay 4th, 2023 – disclosure submitted to VSCode\r\nMay 8th, 2023 – VSCode team acknowledged the submission\r\nMay 14th, 2023 – malicious extensions were removed from the VSCode marketplace\r\nAn increasing risk\r\nIt’s important to emphasize that the malicious extensions we’ve found are not new; most of them are even more than a year old. 
This fact highlights again the risk of open-source components; no one guarantees that the open-source components we use are benign, and it’s our responsibility to verify them.\r\nSupply chain attacks are becoming more frequent. Therefore, it’s essential to ensure we’re kept safe and to double-check every software ingredient we use, especially those we didn’t create. At Check Point, we aim to generate a secure development process to ensure developers do the right things (security-wise). As part of this effort, CloudGuard Spectral constantly scans PyPI and NPM for malicious packages to prevent supply chain attack risks—keeping your code clean, applications safe, and malicious actors out.\r\nSource: https://blog.checkpoint.com/securing-the-cloud/malicious-vscode-extensions-with-more-than-45k-downloads-steal-pii-and-enable-backdoors/",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://blog.checkpoint.com/securing-the-cloud/malicious-vscode-extensions-with-more-than-45k-downloads-steal-pii-and-enable-backdoors/"
	],
	"report_names": [
		"malicious-vscode-extensions-with-more-than-45k-downloads-steal-pii-and-enable-backdoors"
	],
	"threat_actors": [],
	"ts_created_at": 1776737930,
	"ts_updated_at": 1776738018,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/4d9ac9e7ac3311652b0cea730a6e217ec167f031.pdf",
		"text": "https://archive.orkl.eu/4d9ac9e7ac3311652b0cea730a6e217ec167f031.txt",
		"img": "https://archive.orkl.eu/4d9ac9e7ac3311652b0cea730a6e217ec167f031.jpg"
	}
}