A malicious extension with basic ransomware capabilities, seemingly created with the help of AI, has been published on Microsoft’s official VS Code marketplace. Named susvsex and published by ‘suspublisher18,’ the extension’s malicious functionality is openly advertised in its description. Secure Annex researcher John Tuckner discovered susvsex and says that it is the product of “vibe coding” and is far from sophisticated.
Despite reporting the extension and its explicit description, which discloses file theft to a remote server and encryption of all files with AES-256-CBC, Microsoft ignored Tuckner’s report and did not remove it from the VS Code registry.
“sneak” vs. “openly advertised in its description”
You can’t have both, article author. Besides, it is way more damning that it didn’t sneak at all. MS asleep at the fuckin’ wheel here.
I can just imagine the vibe coder slopping in randomware in production code …
Programming isn’t what it used to be.
Satya Nadella…!! Import this plugin for all Microsoft employees, so that you can increase the % of code written by AI!

