73 Fake Extensions Walk Into a Repository. The Flock Installs All 73.

I want you to sit with that number for a moment. Seventy-three. Not one suspicious package. Not a handful. Seventy-three cloned imposters, sitting in the Open VSX repository like wolves who have learned to wear wool coats and write decent README files.

And the lambs just... clicked install. Of course they did.

Researchers have confirmed that a persistent information-stealing campaign, designated GlassWorm v2, has been quietly embedding itself into developer workstations via fake VS Code extensions. Six of the 73 have been confirmed to be actively parasitic. The remaining 67 are, apparently, "seemingly benign." I have heard that phrase before. It is what they said about dial-up modems right before someone discovered war-dialing. I do not trust "seemingly benign." I never have.

The attack vector here is elegant in the most infuriating way. Clone a legitimate extension. Give it the same name, the same icon, the same description. Upload it to a public repository where the flock goes shopping for productivity tools. Then wait. The fake grain practically serves itself.

Here is what genuinely offends me as a professional: in the old days, if you wanted to compromise a developer's machine, you had to work for it. Magnetic tape, physical access, actual effort. Now you upload a fake syntax highlighter and go make a sandwich. The wolves have never had it easier, and frankly, the shepherds in management have made it this easy by outsourcing their entire trust model to a public marketplace with the vetting standards of a yard sale.

The Sky Pasture ecosystem, where half these tools ultimately phone home, makes containment even more exciting. Once the parasites are in, they are very comfortable up there.


Remediation

I will keep this simple because apparently simple is what we need.

Audit your extensions. Every single one. If your developers cannot tell you exactly why a tool is installed and who published it, that is a problem you created by not having a policy.

Use a curated, internal extension allowlist. Yes, this requires effort. That is the point. Security is not supposed to be frictionless. Friction is the mechanism.

Verify publisher identity. The legitimate extension and its parasite twin have different publisher signatures. Look at them. With your eyes. Manually.

Monitor outbound traffic from developer endpoints. If your IDE is calling home to an address in a jurisdiction you do not recognize, that is not a feature.

Dip your workstations regularly. Endpoint detection, updated definitions, the works. The ointment exists. Apply it.
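One way to mechanize the first three steps (audit, allowlist, publisher check), as an added example that is not from the report or from any of the tools it names: the script reads the output of `code --list-extensions --show-versions` (one `publisher.name@version` line per extension) and flags any extension whose name matches an allowlisted one but whose publisher does not. The listing and the allowlist entries are constructed for the demo.

```python
"""Audit installed VS Code extensions against an internal allowlist."""
from dataclasses import dataclass

# Constructed sample of `code --list-extensions --show-versions` output.
# The third line is a hypothetical same-name, different-publisher twin.
SAMPLE_LISTING = """\
ms-python.python@2024.4.1
esbenp.prettier-vscode@10.4.0
prettier-tools.prettier-vscode@10.4.0
somebody.cool-highlighter@0.0.3
"""

# Constructed allowlist: extension name -> the publisher ID you vetted.
ALLOWLIST = {
    "python": "ms-python",
    "prettier-vscode": "esbenp",
}


@dataclass(frozen=True)
class Finding:
    extension_id: str
    version: str
    verdict: str  # "allowed", "impostor" or "unlisted"
    detail: str


def parse_listing(text):
    """Yield (publisher, name, version) tuples from the CLI listing."""
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        ext_id, _, version = line.partition("@")
        publisher, _, name = ext_id.partition(".")
        if not publisher or not name:
            raise ValueError(f"malformed extension id: {line!r}")
        yield publisher, name, version


def audit(listing, allowlist=ALLOWLIST):
    """Classify every installed extension; publisher IDs compare case-insensitively."""
    findings = []
    for publisher, name, version in parse_listing(listing):
        expected = allowlist.get(name)
        if expected is None:
            verdict, detail = "unlisted", "not on the allowlist; justify or remove"
        elif expected.lower() == publisher.lower():
            verdict, detail = "allowed", "publisher matches allowlist"
        else:  # same name as a vetted extension, published by someone else
            verdict, detail = "impostor", f"expected publisher {expected!r}, found {publisher!r}"
        findings.append(Finding(f"{publisher}.{name}", version, verdict, detail))
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE_LISTING):
        print(f"{f.verdict:8} {f.extension_id}@{f.version}  {f.detail}")
```

Pipe the real listing in (`code --list-extensions --show-versions | python3 audit.py`, with a small `sys.stdin.read()` swap for the constant) and treat every "impostor" line as an incident, not a warning.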

Stay paranoid out there. It is the only setting that has ever worked.


Original Report: https://thehackernews.com/2026/04/researchers-uncover-73-fake-vs-code.html