Security researchers have uncovered a significant threat targeting developers through the VS Code Marketplace. A coordinated campaign involving 19 malicious extensions has been actively infiltrating the platform, with the attack remaining undetected since February 2025. These deceptive extensions carry hidden malware in their dependency folders, designed to evade security detection and compromise developer machines.
The campaign illustrates a concerning shift among attackers towards the software supply chain. Rather than deploying obviously malicious software, the threat actors published extensions that either impersonate legitimate packages or claim to offer genuine features, and that run their malicious code silently in the background once installed. A particularly sophisticated element of the campaign is the method of concealment: the attackers embedded executable payloads inside what appeared to be harmless PNG image files. This adds a further layer of deception, since neither developers nor many scanning tools expect a graphic file to carry executable code.
The threat emerges from a worrying trend observed by security analysts. In the first ten months of 2025 alone, malware detections specifically targeting VS Code almost quadrupled compared to the entirety of 2024, rising from 27 to 105 instances. This sharp increase indicates that the VS Code Marketplace has become an increasingly attractive target for malicious actors seeking to reach developer communities.
Technical Infection Mechanism of Malicious VS Code Extensions
ReversingLabs security analysts identified that the malware exploits the way VS Code extensions are packaged. Extensions are typically shipped with all their dependencies in a node_modules folder, so they can run without downloading additional components. The researchers found that the attackers weaponized the popular “path-is-absolute” npm package, which has accumulated over 9 billion downloads since 2021. By adding malicious code to the copy of this dependency bundled inside their extensions, they turned a trusted component into the delivery mechanism for the trojan.
The infection process begins when VS Code starts up. The modified package’s index.js file contains a new class that is triggered automatically on launch. This class decodes a JavaScript dropper concealed inside a malicious banner.png file. The dropper itself was obfuscated through base64 encoding combined with string reversal, making manual analysis considerably more difficult.
When executed, the dropper deploys two malicious binaries via cmstp.exe, a legitimate Windows tool that attackers frequently abuse to launch code. One binary manages the attack process, while the other is a more sophisticated Rust-based trojan whose full capabilities were still under investigation at the time of discovery. Four of the extensions used an alternative approach, splitting the malicious binaries across separate .ts and .map files rather than concealing them inside PNG files.
Development teams are strongly advised to immediately audit their installed extensions. It is crucial to verify the sources of all extensions and to employ security scanning tools before installation to prevent potential compromise. This ongoing threat underscores the importance of vigilance within the software development ecosystem.