ReversingLabs researchers have uncovered a dangerous loophole in the Visual Studio Code (VS Code) Marketplace that allows threat actors to reuse the names of previously removed extensions to distribute malware—including ransomware in development.
In March, ReversingLabs discovered malicious VS Code extensions, including ahban.shiba and ahban.cychelloworld, which acted as simple malware loaders. As the report explains, “One of the recent campaigns RL discovered in March contained simple malware in the VS Code extensions ahban.shiba and ahban.cychelloworld that were downloading and running second stage malware. The interesting part was the second stage itself: It was a ransomware in development, encrypting files in a test folder.”
Although these malicious extensions were reported and removed from the Marketplace, the attackers resurfaced only months later with a new extension. “In June, a new malicious extension called ahbanC.shiba was discovered. Compared with the earlier ahban extensions, nothing changed except for the spelling of the extension’s unique ID.”
What surprised researchers wasn’t the malware itself but how the attackers reused the same extension name. “However, what struck RL threat researchers wasn’t the capabilities of this new malicious extension, but its name: ‘shiba.’ That’s an extension that is identical to one of the two malicious extensions discovered in March. According to the official VS Code Marketplace documentation, that shouldn’t be possible.”
Further investigation revealed the cause: a loophole in how VS Code handles removed extensions. The report notes, “While users still can’t reuse the name of the unpublished extensions, names of the extensions that are removed can be reused freely. That could potentially allow a threat actor to publish a malicious extension that claims the same name as a previous, legitimate VS Code extension that has since been removed.”
This means that attackers can impersonate previously trusted extensions, potentially fooling developers into downloading malicious code disguised under familiar names.
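A defender-side check that follows from this loophole, added here as an example and not part of the ReversingLabs report: audit the installed extension list against a vetted allowlist of fully qualified IDs, and flag any extension whose bare name either collides with a trusted extension under a different publisher or matches a name known to have been removed. The allowlist and the sample entries are constructed; only the names shiba, cychelloworld and ahbanC.shiba come from the article.

```python
import json

# Vetted fully-qualified extension IDs (publisher.name). Constructed for this
# example; a real list would come from the team's own review process.
TRUSTED_IDS = {"ms-python.python", "esbenp.prettier-vscode"}

# Bare names of extensions known to have been removed from the Marketplace
# (both from the article). Because removed names can be re-registered,
# any publisher shipping one of them is suspect.
REMOVED_NAMES = {"shiba", "cychelloworld"}

# Constructed sample in the shape of VS Code's extensions.json entries
# (identifier.id holds "publisher.name"). ahbanC.shiba is from the article;
# someone-else.python is an invented collision with a trusted extension.
SAMPLE_EXTENSIONS_JSON = json.dumps([
    {"identifier": {"id": "ms-python.python"}, "version": "2024.0.0"},
    {"identifier": {"id": "ahbanC.shiba"}, "version": "0.0.1"},
    {"identifier": {"id": "someone-else.python"}, "version": "1.0.0"},
    {"identifier": {"id": "esbenp.prettier-vscode"}, "version": "10.1.0"},
])


def split_id(ext_id):
    """'publisher.name' -> (publisher, name), lowercased: IDs compare case-insensitively."""
    publisher, _, name = ext_id.lower().partition(".")
    return publisher, name


def audit_extensions(extensions_json, trusted=TRUSTED_IDS, removed=REMOVED_NAMES):
    """Return {ext_id: [reasons]} for every installed extension that fails a check."""
    trusted = {t.lower() for t in trusted}
    trusted_by_name = {split_id(t)[1]: t for t in trusted}
    findings = {}
    for entry in json.loads(extensions_json):
        ext_id = entry["identifier"]["id"]
        publisher, name = split_id(ext_id)
        reasons = []
        if ext_id.lower() not in trusted:
            reasons.append("not on the vetted allowlist")
        # Same bare name as a trusted extension but a different publisher:
        # the impersonation pattern the report warns about for removed names.
        if name in trusted_by_name and trusted_by_name[name] != ext_id.lower():
            reasons.append(f"name collides with trusted {trusted_by_name[name]}")
        if name in removed:
            reasons.append("name belongs to a previously removed extension")
        if reasons:
            findings[ext_id] = reasons
    return findings


if __name__ == "__main__":
    for ext_id, reasons in audit_extensions(SAMPLE_EXTENSIONS_JSON).items():
        print(ext_id, "->", "; ".join(reasons))
```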
Like its predecessors, the new ahbanC.shiba extension functioned as a downloader. Once installed, “the extension registered only one command: shiba.aowoo. Once the extension was added to VS Code IDE and this single command was called, a second malicious payload would be downloaded and run.”
The second stage payload attempted to encrypt files in a test folder and demand ransom in the form of Shiba Inu tokens, an Ethereum-based cryptocurrency. While the extension lacked a functioning crypto wallet, the behavior demonstrated that attackers were testing ransomware delivery pipelines via the Marketplace.
The discovery underscores how public developer ecosystems are being weaponized. ReversingLabs warns, “The VS Code Marketplace is becoming increasingly popular amongst malicious actors. Just like with the targeting of PyPI, they are developing new ways to trick developers and users to download malicious packages instead of legitimate ones.”
More concerning still, this isn’t limited to VS Code. Similar weaknesses have been observed in other ecosystems such as PyPI, where attackers reused the names of deleted packages to distribute malware.