Fake Prettier Extension on VSCode Marketplace Dropped Anivia Stealer
hackread.comCybersecurity firm Checkmarx Zero, in collaboration with Microsoft, removed a malicious ‘prettier-vscode-plus’ extension from the VSCode Marketplace. The fake coding tool was a Brandjacking attempt designed to deploy Anivia Stealer malware and steal Windows user credentials and data.
A swift response from security researchers recently stopped a harmful software attack targeting the popular Visual Studio Code (VSCode) Marketplace. A malicious extension, designed to look like Prettier – Code formatter, a legitimate and well-known coding tool, was quickly found and removed, stopping a potentially widespread security incident before it could cause damage.
Quick Action Prevents Major Threat
The security firm Checkmarx Zero identified the fake extension, named prettier-vscode-plus, which was posted under the publisher account publishingsofficial. This is an example of a Brandjacking attack, which occurs when a malicious party tries to use the good name of a trusted brand to trick people into downloading a dangerous alternative.
In this specific case ...
Copyright of this story solely belongs to hackread.com . To see the full text click HERE