"The VS Code extensions masquerade as a premium dark theme and an artificial intelligence (AI)-powered coding assistant, but, in actuality, harbor covert functionality to download additional payloads, take screenshots, and siphon data. The captured information is then sent to an attacker-controlled server. "Your code. Your emails. Your Slack DMs. Whatever's on your screen, they're seeing it too," Koi Security's Idan Dardikman said. "And that's just the start. It also steals your WiFi passwords, reads your clipboard, and hijacks your browser sessions.""
"Earlier versions of the extensions came with the ability to execute a PowerShell script to download a password-protected ZIP archive from an external server ("syn1112223334445556667778889990[.]org") and extract from it the main payload using four different methods: Windows native Expand-Archive, .NET System.IO.Compression, DotNetZip, and 7-Zip (if installed). That said, the attacker is said to have inadvertently shipped a version that created a visible PowerShell window and could have alerted the user. Subsequent iterations, however, have been found to hide the window and streamline the entire process by switching to a batch scrip"
"The names of the extensions are below - BigBlack.bitcoin-black (16 installs) - Removed by Microsoft on December 5, 2025 BigBlack.codo-ai (25 installs) - Removed by Microsoft on December 8, 2025 Microsoft's list of removed extensions from the Marketplace shows that the company also removed a third package named "BigBlack.mrbigblacktheme" from the same publisher for containing malware. While "BigBlack.bitcoin-black" activates on every VS Code action, Codo AI embeds its malicious functionality within a working tool, thereby allowing it to bypass detection."
Two malicious VS Code extensions masquerading as a premium dark theme and an AI coding assistant infected developer machines with stealer malware. The extensions downloaded additional payloads, took screenshots, siphoned data, and sent captured information to an attacker-controlled server. Targeted data included code, emails, Slack messages, WiFi passwords, clipboard contents, and browser sessions. The packages BigBlack.bitcoin-black (16 installs) and BigBlack.codo-ai (25 installs) were removed by Microsoft in December 2025, and a third package was also removed. Earlier builds used a PowerShell script to fetch a password-protected ZIP from syn1112223334445556667778889990[.]org and extract payloads via multiple extraction methods; later builds hid execution and switched to batch scripting. One extension activates on every VS Code action, while the other embeds malicious behavior inside a working tool to help bypass detection.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]