
Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

0
Medium
Vulnerability, rce
Published: Mon Jan 26 2026 (01/26/2026, 15:43:00 UTC)
Source: The Hacker News

Description

Two malicious Visual Studio Code extensions posing as AI coding assistants have been discovered with over 1.5 million combined installs. These extensions covertly exfiltrate developer source code and file edits to China-based servers without user consent, while functioning normally to avoid suspicion. They capture every opened file and code modification, encode the data, and send it to a command-and-control server, with remote-triggered exfiltration of up to 50 files at once. Additionally, the extensions embed hidden analytics SDKs to fingerprint devices and build detailed user profiles. The campaign, named MaliciousCorgi, exploits trust in popular development tools and threatens intellectual property confidentiality. No known active exploits have been reported yet, but the scale of installation and stealthy behavior pose significant risks. European organizations relying on VS Code for software development are at risk of source code theft and espionage. Mitigation requires strict extension vetting, network monitoring, and restricting extension installation policies.

AI-Powered Analysis

AI. Last updated: 01/26/2026, 20:50:35 UTC

Technical Analysis

Cybersecurity researchers uncovered two malicious Visual Studio Code extensions marketed as AI-powered coding assistants, named "ChatGPT - 中文版" and "ChatGPT - ChatMoss (CodeMoss)," with a combined 1.5 million installs. These extensions operate as expected, providing autocomplete and error explanations, but simultaneously execute covert spyware functions. The malicious code captures every file opened and every source code change made by the developer, encoding the data in Base64 and transmitting it to a command-and-control server located in China (aihao123.cn). The spyware also supports remote commands to exfiltrate up to 50 files from the workspace in real time. Additionally, the extensions embed a hidden zero-pixel iframe loading four major Chinese analytics SDKs (Zhuge.io, GrowingIO, TalkingData, Baidu Analytics) to fingerprint devices and create detailed user profiles. This dual functionality allows the extensions to evade detection by blending legitimate utility with data theft. The campaign, dubbed MaliciousCorgi, exploits the trust developers place in official marketplace extensions. The extensions remain available on the official Visual Studio Marketplace, posing ongoing risk. The threat is compounded by the fact that these extensions do not require elevated privileges or explicit user interaction beyond installation and usage. The exfiltrated data could include proprietary source code, intellectual property, and sensitive development information, potentially enabling espionage, supply chain attacks, or further compromise. The report also references related supply chain vulnerabilities in JavaScript package managers but the primary focus is on the VS Code extension spyware.

Potential Impact

For European organizations, this threat poses significant risks to confidentiality and intellectual property protection. Developers using Visual Studio Code may unknowingly leak sensitive source code and development artifacts to foreign servers, potentially compromising proprietary software, trade secrets, and confidential projects. This could lead to competitive disadvantage, regulatory compliance violations (e.g., GDPR concerns over unauthorized data transfer), and reputational damage. Organizations involved in critical infrastructure, defense, finance, or technology sectors are particularly vulnerable due to the sensitivity of their codebases. The stealthy nature of the spyware, combined with its presence in the official marketplace, increases the likelihood of widespread infection. Additionally, the embedded device fingerprinting could facilitate targeted follow-up attacks or surveillance. The data exfiltration to China-based servers may raise geopolitical concerns and trigger regulatory scrutiny. The threat also undermines trust in the software supply chain and development tooling, complicating secure software development lifecycle (SDLC) practices.

Mitigation Recommendations

European organizations should implement strict policies governing the installation of Visual Studio Code extensions, limiting installations to vetted and trusted publishers only. Employ enterprise extension management tools to whitelist approved extensions and block others. Monitor network traffic for unusual outbound connections, especially to suspicious domains such as aihao123.cn, and implement DNS filtering to block known malicious command-and-control servers. Conduct regular audits of installed extensions and remove any unrecognized or suspicious ones. Educate developers about the risks of installing unverified extensions and encourage reporting of anomalies. Use endpoint detection and response (EDR) solutions capable of detecting unusual file access and exfiltration behaviors. Consider sandboxing development environments or using isolated containers to limit data exposure. Collaborate with Microsoft and the Visual Studio Marketplace to report and expedite removal of malicious extensions. Finally, integrate code repository monitoring to detect unauthorized code leaks and enforce strict access controls on sensitive source code repositories.
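The extension audit recommended above can be scripted. The following is an added example, not code from the original report: it walks an extensions folder, flags any extension whose manifest `displayName` matches the two names given on this page, and flags any bundled file that references the reported domain. It assumes the default per-user folder `~/.vscode/extensions` (other builds and remote setups use different paths) and matches on display name because this page does not list the extension IDs.

```python
import json
from pathlib import Path

# Indicators taken from this page. Extension IDs are not given here,
# so the manifest displayName is used instead (an assumption of this example).
FLAGGED_NAMES = {"ChatGPT - 中文版", "ChatGPT - ChatMoss (CodeMoss)"}
C2_DOMAIN = b"aihao123.cn"
SCAN_SUFFIXES = {".js", ".json", ".html"}
MAX_BYTES = 20 * 1024 * 1024  # skip unusually large bundles


def audit_extensions(ext_root):
    """Return [(folder_name, [reasons])] for extensions matching the indicators."""
    findings = []
    root = Path(ext_root)
    if not root.is_dir():
        return findings
    for ext_dir in sorted(p for p in root.iterdir() if p.is_dir()):
        reasons = []
        try:
            meta = json.loads((ext_dir / "package.json").read_text(encoding="utf-8"))
        except (OSError, ValueError):
            meta = {}  # missing or malformed manifest: still scan the files
        name = meta.get("displayName", "") if isinstance(meta, dict) else ""
        # Localized manifests may hold a "%key%" placeholder here; those
        # extensions are only caught by the content scan below.
        if str(name).strip() in FLAGGED_NAMES:
            reasons.append("displayName matches flagged extension")
        for f in ext_dir.rglob("*"):
            if not (f.is_file() and f.suffix.lower() in SCAN_SUFFIXES):
                continue
            try:
                if f.stat().st_size <= MAX_BYTES and C2_DOMAIN in f.read_bytes():
                    rel = f.relative_to(ext_dir).as_posix()
                    reasons.append(f"references {C2_DOMAIN.decode()} in {rel}")
                    break  # one hit per extension is enough to flag it
            except OSError:
                continue
        if reasons:
            findings.append((ext_dir.name, reasons))
    return findings


if __name__ == "__main__":
    for folder, why in audit_extensions(Path.home() / ".vscode" / "extensions"):
        print(folder, "->", "; ".join(why))
```

An empty result is not proof of a clean host: a domain that is encoded or assembled at runtime will not match a plain byte search, so pair this with the DNS and egress monitoring described above.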


Technical Details

Article Source
{"url":"https://thehackernews.com/2026/01/malicious-vs-code-ai-extensions-with-15.html","fetched":true,"fetchedAt":"2026-01-26T20:50:01.081Z","wordCount":1270}

Threat ID: 6977d37c4623b1157cbb6739

Added to database: 1/26/2026, 8:50:04 PM

Last enriched: 1/26/2026, 8:50:35 PM

Last updated: 1/26/2026, 11:46:53 PM
