Malicious VS Code Extensions Hide Malware in Fake PNG File, Triggering New Supply-Chain Threat

A new malicious campaign targeting Visual Studio Code (VS Code) extensions has been uncovered – and it’s one of the most technically deceptive supply-chain attacks this year.

Researchers at ReversingLabs revealed 19 VS Code extensions hiding malware not in their main code, but inside the dependency folders developers typically trust and rarely inspect. The extensions, active since February 2025, carried malicious binaries disguised as harmless image files and pre-packaged npm dependencies.

This wasn’t a simple typo-squatting trick. It was a carefully engineered infiltration of the developer ecosystem, designed to execute malware the moment VS Code opens.

For organizations across the world – especially in fast-growing developer markets like the Middle East and Africa (MEA) – the campaign is a stark reminder that developer tooling itself is now prime territory for threat actors.

How the Attack Worked – A Trojan Inside a Fake PNG

At the center of the campaign was a modified version of a widely-used npm package, path-is-absolute, which has more than 9 billion cumulative downloads since 2021.

Attackers inserted:

• An altered index.js file containing a malicious bootstrap class
• A disguised file named banner.png, which was not an image at all
• Multiple malware binaries hidden inside the fake PNG
• A JavaScript “dropper” embedded in a file named lock

The PNG file – actually a compressed malicious archive – was designed to appear normal. But any attempt to preview it would fail. Instead, its contents were executed by abusing cmstp.exe, a Windows living-off-the-land binary (LOLBIN).

From there:

• One binary executed a script to close cmstp
• The second binary delivered a Rust-based trojan, still under analysis

By masking the binaries inside a file developers would never question, attackers bypassed trust-based assumptions built into extension workflows.

Why Dependency Folders Made This Possible

VS Code extensions are distributed with pre-packaged dependencies, including any node_modules content the publisher includes.

This means attackers – as legitimate extension owners – could:

• Ship modified versions of popular npm dependencies
• Bundle malware as if it were normal runtime code
• Avoid detection from npm or extension reviewers
• Exploit the fact that developers assume dependencies inside extensions are clean

Four of the malicious extensions used another dependency, @actions/io, to deploy the payload instead of path-is-absolute. In those cases, malware binaries were hidden in .ts and .map files.

This is not the first time dependency folders have been abused, but the use of a fake image container and dual payload execution marks a notable escalation.

Growing Trend: VS Code Becoming a Target-Rich Environment

The VS Code Marketplace has become a high-value target in the software supply chain.

ReversingLabs reports:

• 105 malicious extensions detected in the first 10 months of 2025
• Up from 27 in 2024
• A 4× increase in attacks targeting development tools

Some malicious extensions impersonate popular add-ons. Others modify legitimate ones via malicious pull requests, a pattern seen earlier this year in the ETHCode compromise.

With millions of developers worldwide depending on VS Code daily, supply-chain attacks here represent a direct path into corporate source code, CI/CD pipelines, cloud environments, and production systems.

Why This Matters to MEA Organizations

The Middle East and Africa are experiencing rapid growth in:

• DevOps adoption
• Cloud-native development
• Startup ecosystems
• Cross-border digital services

This growth also increases dependency on VS Code across SOC teams, developers, fintechs, and digital government platforms.

A single compromised extension installed on a developer workstation can:

• Exfiltrate API keys
• Steal cloud credentials
• Inject malicious code into repositories
• Compromise CI/CD systems
• Move laterally into internal networks

For organizations managing sensitive infrastructure across the GCC, North Africa or sub-Saharan Africa, this type of supply-chain risk can escalate into full-blown breaches.

10 Best Practices Security Teams Should Implement Now

To minimize exposure, organizations should immediately tighten security around developer tools and supply-chain dependencies.

1. Audit all installed VS Code extensions across developer endpoints — especially low-review or newly published extensions.
2. Whitelist trusted extensions and block unknown or unverified publishers.
3. Perform static analysis on VS Code extension packages (.vsix) before installation.
4. Scan the node_modules folder inside each extension for modified files or foreign binaries.
5. Use supply-chain security tools such as Spectra Assure or similar solutions from Saintynet Cybersecurity.
6. Block risky LOLBINs like cmstp.exe unless required for business processes.
7. Use EDR with behavioral detection to inspect suspicious child process creation.
8. Educate developers and engineers through awareness training on extension risks and dependency tampering.
9. Monitor corporate GitHub/GitLab environments for unexpected actions triggered by compromised extensions.
10. Apply zero-trust principles for developer machines, CI/CD, and coding pipelines.

These measures reduce the chance that a compromised extension will silently infiltrate the software supply chain.

Conclusion

This latest VS Code campaign is a sobering reminder: attackers are moving deeper into the developer ecosystem, hiding malware where trust is assumed and controls are weakest.

By altering a widely trusted npm package and embedding malicious binaries inside a fake PNG file, attackers demonstrated the fragility of developer workflows and the ease with which supply-chain components can be turned against their users.

Security teams must accelerate efforts to secure developer environments, not just production systems. Because today, the next breach may begin with a single VS Code extension.