Malicious Pull Request Compromises Popular VS Code Extension Ethcode, Impacting 6,000 Developers
TL;DR
Cybersecurity experts have identified a supply chain attack on the Ethcode VS Code extension, affecting over 6,000 developers. The attack exploited a malicious pull request on GitHub, highlighting the critical need for vigilance in open-source projects.
Introduction
Cybersecurity researchers have flagged a significant supply chain attack targeting a Microsoft Visual Studio Code (VS Code) extension called Ethcode. The extension, installed over 6,000 times, was compromised via a malicious pull request on GitHub, underscoring the vulnerabilities in open-source software supply chains.
Key Details
Attack Overview
- Target: Ethcode, a VS Code extension used by developers.
- Compromise Date: June 17, 2025.
- Method: A malicious pull request opened by a user named Airez299.
- Initial Release: Ethcode was first released by 7finney in 2022.
Impact
The compromise of Ethcode has far-reaching implications:
- Affected Users: Over 6,000 developers who installed the extension.
- Potential Risks: Possible data breaches, unauthorized access, and further malware distribution.
Response and Mitigation
- Detection: The attack was identified by ReversingLabs, a leading cybersecurity firm.
- Mitigation Steps: Developers are advised to remove the compromised extension and monitor their systems for any unusual activity.
Conclusion
The Ethcode compromise serves as a stark reminder of the risks associated with open-source software supply chains. Developers and organizations must remain vigilant and implement robust security measures to protect against such threats.
For more details, visit the full article: Source