• Tekhne
    link
    fedilink
    arrow-up
    39
    ·
    5 months ago

    I believe they’re referring to lower down in the article, where the researchers analyzed existing extensions on the marketplace:

    After the successful experiment, the researchers decided to dive into the threat landscape of the VSCode Marketplace, using a custom tool they developed named ‘ExtensionTotal’ to find high-risk extensions, unpack them, and scrutinize suspicious code snippets.

    Through this process, they have found the following:

    • 1,283 with known malicious code (229 million installs).
    • 8,161 communicating with hardcoded IP addresses.
    • 1,452 running unknown executables.
    • 2,304 that are using another publisher’s Github repo, indicating they are a copycat.