
Verified symbols can be spoofed
Once believed to be a reliable indicator of trust, the blue "check" icon next to the name of an extension can now be undermined. Attackers can replicate the verification tokens, essentially bypassing the identity check, and inject malicious code while preserving the verified badge.
"We analyzed the traffic made by VSCode and discovered the request to the marketplace," they said, saying that they found where the verification data is stored and ascertained how to modify it.
Using this, they created a malicious extension that copied the verification values of a trusted one to make it look valid. Packaged as a VSIX file, the crafted extension runs a command such as opening the calculator and can be shared on platforms like GitHub, where developers can inadvertently install it.
Malicious VSCode extensions are already a reality: recent VSCode Marketplace incidents have revealed similar threats, where fake tools downloaded crypto miners or other malware by abusing their trusted status.

