Researchers from Aqua Security have discovered that supply chain attacks are being carried out by hackers using Visual Studio Marketplace.
Researchers found that attackers could pose as well-known VS Code extensions to lure developers into downloading malicious versions, according to a recent report. The majority of developers (about 74.48 percent) use VS Code, making it the most widely used IDE. Part of what makes VS Code so popular is the enormous selection of extensions that are readily available. The researchers raise issues with the verification process as well.
Developers would anticipate that a blue checkmark would be displayed for authors who have been confirmed to be who they claim to be, but instead it is simply displayed to indicate that the publisher has established domain ownership.