Skip to main content
Login
institutional access

You are connecting from
Lake Geneva Public Library,
please login or register to take advantage of your institution's Ground News Plan.

Published loading...Updated

Malicious crypto-stealing VSCode extensions resurface on OpenVSX

Summary by BleepingComputer
A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft's Visual Code (VSCode) marketplace and OpenVSX registry to steal cryptocurrency and plant backdoors.

7 Articles

BleepingComputerBleepingComputer
Center

Malicious crypto-stealing VSCode extensions resurface on OpenVSX

A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft's Visual Code (VSCode) marketplace and OpenVSX registry to steal cryptocurrency and plant backdoors.

Read Full Article
Enterprise Sec TechEnterprise Sec Tech

TigerJack’s Malicious VSCode Extensions Signal a Growing Supply Chain Crisis in Developer Tools

A new coordinated malware campaign is exploiting the very tools developers trust most. Researchers have discovered that a threat actor known as TigerJack has been planting malicious extensions across Microsoft’s Visual Studio Code Marketplace and the OpenVSX registry, infecting thousands of machines and turning trusted developer plugins into vehicles for data theft, cryptomining, and long-term remote control.A Stealth Campaign Hidden in Plain Si…

Read Full Article
Malware Analysis, News and IndicatorsMalware Analysis, News and Indicators

Illicit VSCode extensions seek to pilfer cryptocurrency

Illicit VSCode extensions seek to pilfer cryptocurrency At least 11 malicious VSCode extensions have been uploaded by the threat actor TigerJack to facilitate cryptocurrency theft and backdoor injections against develope…

Read Full Article
CSO OnlineCSO Online

TigerJack’s malicious VSCode extensions mine, steal, and stay hidden

In a new disclosure, security researchers revealed that a threat actor group called TigerJack has been publishing malicious extensions on Microsoft’s Visual Studio Code (VSCode) Marketplace and the OpenVSX registry to steal source code, plant cryptominers, and maintain remote access. According to Koi Security’s findings, two of the campaign’s popular extensions – “C++ Payground” and “HTTP Format” – were removed after accumulating over 17,000 dow…

Read Full Article
GBHackers On SecurityGBHackers On Security

TigerJack Hackers Target Developer Marketplaces with 11 Malicious VS Code Extensions

Sophisticated Threat Actor Compromises 17,000+ Developers Through Trojan Extensions That Steal Code and Mine Cryptocurrency. Operating since early 2025 under multiple publisher accounts (ab-498, 498, and 498-00), this sophisticated campaign deploys extensions that steal source code, mine cryptocurrency, and establish remote backdoors for complete system control. A newly identified threat actor known as TigerJack has […] The post TigerJack Hacker…

Read Full Article
unsafe.shunsafe.sh

Malicious Cryptocurrency-Stealing Vscode Extension Resurfaces on Openvsx Platform

Well, a user asked me to help summarize an article, limited to 100 words, without a specific introduction. It seems they might be dealing with a technical issue, such as error code 521. This error is often related to Cloudflare, potentially indicating a server connection issue or a DDoS attack. The user's need is clear: a quick summary of the article's content. They might be a technical person troubleshooting an issue and need to understand the …

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center

Factuality 

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

BleepingComputer broke the news in on Tuesday, October 14, 2025.
Sources are mostly out of (0)

Similar News Topics

Cryptocurrency icon

Cryptocurrency

Microsoft icon

Microsoft

Business icon

Business

Cyber Security icon

Cyber Security

Technology icon

Technology

Financial Fraud icon

Financial Fraud

Security icon

Security

News
For You
SearchBlindspotLocal