• @[email protected]
    link
    fedilink
    125 months ago

    Except their summary is wrong. The researchers went on to search other extensions for known malicious code, and found it in thousands of extensions with tens of millions of total installs.

    • @Kuinox
      link
      -45 months ago

      I hopped people here would notice that their “malicious code” detection is totally bogus when the malicious code highlighted hit a local IP address.

      • @[email protected]
        link
        fedilink
        25 months ago

        Good point. That was in the “static IP” category and not counted in the 200+ million install “malicious code” category, though. It could be a warning sign of false positives, but the example was such a small snippet it could also be opening after a VPN is established. That example was supposedly part of code that opens a connection for shell access from the other end, but without more details it’s not really possible to say.

        • @Kuinox
          link
          -15 months ago

          Tons of devtools summons cmd.exe and do networks. Their claim is that more than 10% of the vscode marketplate is malicious package (i just divided the number of extensions they says is malicious, by the number of extensions)