Malicious ‘fast-draft’ Extension in Open VSX Compromises 26,000 Developer Systems with RAT and Infostealer

A significant security breach has been uncovered within the Open VSX registry, where the ‘fast-draft’ extension, published under the ‘KhangNghiem’ account, was found to harbor concealed malware. This extension, boasting over 26,000 downloads, clandestinely deployed a remote access trojan (RAT) and an infostealer onto developers’ machines without any overt indications.

The Attack Mechanism

The malicious activity was embedded in specific versions of the ‘fast-draft’ extension, notably 0.10.89, 0.10.105, 0.10.106, and 0.10.112. These versions contained code that connected to a GitHub repository managed by an entity identified as BlokTrooper. The extension fetched platform-specific shell scripts from ‘raw.githubusercontent[.]com/BlokTrooper/extension’ and executed them directly within the system shell. This process facilitated the download and execution of a secondary malware payload on the victim’s machine.

In contrast, other versions such as 0.10.88, 0.10.111, and the latest 0.10.135 did not exhibit this behavior. This pattern suggests a potential compromise of the publisher’s account or a stolen release token, rather than intentional malicious actions by the maintainer.
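A defender's first question after reading the version list above is whether any workstation has one of the affected releases installed, or any extension whose bundled sources carry the indicators named in the report. The following audit script is an added example (not Aikido's tooling and not code from the extension) that walks an extensions directory, reads each `package.json`, flags the reported `fast-draft` versions, and searches every extension's sources for the defanged indicators from the text. It assumes VS Code's on-disk layout (`<root>/<publisher>.<name>-<version>/package.json` beside the bundled sources); the roots listed for other Open VSX-based editors are assumptions, and the fixture tree built by `demo()` is constructed for illustration.

```python
"""Offline audit of installed editor extensions for the 'fast-draft' compromise.

Added example, not Aikido's or the extension's own code. Assumes VS Code's
extension layout: <root>/<publisher>.<name>-<version>/package.json next to the
bundled sources. Roots for other Open VSX-based editors are assumptions.
"""
from __future__ import annotations

import json
import tempfile
from pathlib import Path

# Release sets as given in the report: affected, and neighbours found clean.
AFFECTED_VERSIONS = {"0.10.89", "0.10.105", "0.10.106", "0.10.112"}
REPORTED_CLEAN = {"0.10.88", "0.10.111", "0.10.135"}

# Indicators from the report, kept defanged and refanged only for matching.
INDICATORS_DEFANGED = (
    "raw.githubusercontent[.]com/BlokTrooper/extension",
    "195[.]201[.]104[.]53",
)
INDICATORS = tuple(i.replace("[.]", ".") for i in INDICATORS_DEFANGED)

# Candidate extension roots (assumed; the VS Code one is the documented layout).
EXTENSION_ROOTS = (
    Path.home() / ".vscode" / "extensions",
    Path.home() / ".vscode-oss" / "extensions",
    Path.home() / ".cursor" / "extensions",
    Path.home() / ".windsurf" / "extensions",
)
SOURCE_SUFFIXES = {".js", ".cjs", ".mjs", ".ts", ".sh", ".json"}


def classify(publisher: str, name: str, version: str) -> str:
    """'affected', 'reported-clean', or 'unreviewed' for fast-draft; 'clean' otherwise."""
    if name.lower() != "fast-draft" or publisher.lower() != "khangnghiem":
        return "clean"
    if version in AFFECTED_VERSIONS:
        return "affected"
    return "reported-clean" if version in REPORTED_CLEAN else "unreviewed"


def scan_sources(ext_dir: Path) -> list[tuple[str, str]]:
    """Return (relative file, indicator) pairs found in one extension's sources."""
    hits = []
    for path in ext_dir.rglob("*"):
        if path.suffix not in SOURCE_SUFFIXES or not path.is_file():
            continue
        text = path.read_text(encoding="utf-8", errors="ignore")
        for ioc in INDICATORS:
            if ioc in text:
                hits.append((str(path.relative_to(ext_dir)), ioc))
    return hits


def audit(root: Path) -> list[dict]:
    """Audit every extension under one root; one finding per extension of interest."""
    findings = []
    if not root.is_dir():
        return findings
    for ext_dir in sorted(p for p in root.iterdir() if p.is_dir()):
        manifest = ext_dir / "package.json"
        if not manifest.is_file():
            continue
        try:
            meta = json.loads(manifest.read_text(encoding="utf-8"))
        except (ValueError, OSError):
            continue
        verdict = classify(str(meta.get("publisher", "")),
                           str(meta.get("name", "")), str(meta.get("version", "")))
        hits = scan_sources(ext_dir)
        if verdict != "clean" or hits:
            findings.append({"dir": ext_dir.name, "verdict": verdict, "hits": hits})
    return findings


def demo() -> list[dict]:
    """Build a constructed extension tree in a temp dir and audit it.

    The fixture sources are constructed for this demo; the 'affected' one only
    contains the indicator URL as a string, nothing that fetches or runs it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        fixtures = {
            "khangnghiem.fast-draft-0.10.105": (
                {"publisher": "KhangNghiem", "name": "fast-draft", "version": "0.10.105"},
                'const u = "https://' + INDICATORS[0] + '/x.sh";\n'),
            "khangnghiem.fast-draft-0.10.135": (
                {"publisher": "KhangNghiem", "name": "fast-draft", "version": "0.10.135"},
                "exports.activate = () => {};\n"),
            "someone.other-ext-1.0.0": (
                {"publisher": "someone", "name": "other-ext", "version": "1.0.0"},
                "exports.activate = () => {};\n"),
        }
        for dirname, (meta, js) in fixtures.items():
            d = root / dirname
            d.mkdir()
            (d / "package.json").write_text(json.dumps(meta), encoding="utf-8")
            (d / "extension.js").write_text(js, encoding="utf-8")
        return audit(root)


if __name__ == "__main__":
    for ext_root in EXTENSION_ROOTS:
        for finding in audit(ext_root):
            print(ext_root, finding)
    print(demo())
```

Any `fast-draft` install is reported regardless of version, so a reader sees the `reported-clean` and `unreviewed` releases too and can decide whether to remove them; a hit on an indicator string in any other extension is reported on its own, since the same loader pattern could be reused under another name.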

Discovery and Disclosure

Security analysts at Aikido identified the compromised extension through a meticulous, manual review of each ‘fast-draft’ release. They reported the issue to the extension’s maintainer on March 12, 2026, via a public GitHub issue. However, as of the time of reporting, no response had been received.

Impact and Implications

The ramifications of this compromise are extensive and severe. Developers who installed the affected versions inadvertently granted attackers full control over their systems. The secondary payload executed four concurrent attack modules targeting:

1. Remote Control: Establishing a connection to a command-and-control server at ‘195[.]201[.]104[.]53’ over port ‘6931’ using Socket.IO, enabling real-time control over mouse movements, keyboard inputs, screenshots, and clipboard data.

2. Credential Theft: Extracting saved passwords and web data from browsers like Chrome, Edge, Brave, and Opera across Windows, macOS, and Linux platforms. It also targeted 25 cryptocurrency wallet extensions, including MetaMask, Phantom, Coinbase Wallet, and Trust Wallet, transmitting the stolen data to port ‘6936’ on the same command-and-control server.

3. File Exfiltration: Scanning the home directory for documents, environment files, private keys, shell history, and source code. Notably, it avoided directories such as ‘.cursor’, ‘.claude’, and ‘.windsurf’, indicating a focus on AI-assisted developer environments.

4. Clipboard Monitoring: Continuously monitoring the clipboard and sending its contents to the attacker.
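The command-and-control details in the list above (one host, ports 6931 and 6936) are what a responder would match against endpoint connection telemetry to find hosts where the secondary payload actually ran. The following detector is an added example, not Aikido's tooling: it parses constructed `key=value` connection records (the field names and the sample lines are assumptions, standing in for what an EDR or a periodic `ss -tnp` export can be normalised to), raises a critical alert for any connection to the reported C2 host, and adds a lower-severity hunting rule for editor-host processes (assumed process names) reaching external addresses on ports other than 80 and 443.

```python
"""Match host connection records against the C2 indicators in the report.

Added example, not Aikido's tooling. Record format, field names, process
names and the sample log are constructed assumptions; the C2 host and ports
are the ones the report names.
"""
from __future__ import annotations

import ipaddress
import re

# Indicators from the report (defanged in the text, refanged here for matching).
C2_HOST = ipaddress.ip_address("195[.]201[.]104[.]53".replace("[.]", "."))
C2_PORTS = {6931: "remote-control channel (Socket.IO)", 6936: "credential exfiltration"}

# Editor / extension-host process names (assumed) and ports considered routine.
EDITOR_PROCS = {"code", "code-oss", "cursor", "windsurf", "node"}
ROUTINE_PORTS = {80, 443}

# Explicit internal ranges; checked directly rather than via is_private so that
# documentation ranges used in the sample log count as external.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

RECORD = re.compile(
    r"^(?P<ts>\S+)\s+proc=(?P<proc>\S+)\s+pid=(?P<pid>\d+)\s+"
    r"raddr=(?P<rip>[0-9.]+):(?P<rport>\d+)\s+state=(?P<state>\S+)$"
)


def parse(line: str) -> dict | None:
    """Parse one constructed connection record; None for blank or malformed lines."""
    m = RECORD.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["pid"] = int(rec["pid"])
    rec["rport"] = int(rec["rport"])
    return rec


def assess(rec: dict) -> tuple[str, str] | None:
    """Return (severity, reason) for a record, or None when nothing matches."""
    try:
        rip = ipaddress.ip_address(rec["rip"])
    except ValueError:
        return None
    if rip == C2_HOST:
        module = C2_PORTS.get(rec["rport"], "unlisted port")
        return ("critical", f"connection to reported C2 host: {module}")
    external = not any(rip in net for net in INTERNAL_NETS)
    if rec["proc"] in EDITOR_PROCS and external and rec["rport"] not in ROUTINE_PORTS:
        return ("low", "editor process to external host on a non-routine port")
    return None


def detect(lines) -> list[dict]:
    """Run every record through assess(); return the records that alerted."""
    alerts = []
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        verdict = assess(rec)
        if verdict:
            alerts.append({**rec, "severity": verdict[0], "reason": verdict[1]})
    return alerts


# Constructed sample telemetry; only the C2 address comes from the report.
SAMPLE_LOG = """
2026-03-12T09:41:02Z proc=node pid=4242 raddr=198.51.100.7:443 state=ESTABLISHED
2026-03-12T09:41:05Z proc=node pid=4242 raddr=195.201.104.53:6931 state=ESTABLISHED
2026-03-12T09:41:07Z proc=node pid=4242 raddr=195.201.104.53:6936 state=SYN_SENT
2026-03-12T09:42:00Z proc=firefox pid=1337 raddr=198.51.100.20:443 state=ESTABLISHED
2026-03-12T09:42:10Z proc=node pid=4242 raddr=10.0.0.12:8080 state=ESTABLISHED
2026-03-12T09:42:11Z proc=node pid=4242 raddr=203.0.113.9:4444 state=ESTABLISHED
"""

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG.splitlines()):
        print(alert["severity"], alert["ts"], alert["proc"], alert["rip"], alert["rport"], alert["reason"])
```

The critical rule is exact and cheap; the low-severity rule is a hunting heuristic that will fire on legitimate tooling (language servers, package registries on custom ports), so it belongs in a triage queue rather than a blocking control.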

With over 26,594 recorded downloads on the Open VSX registry, the potential exposure among open-source developers and software teams worldwide is substantial.

Broader Context

This incident underscores the escalating threat of supply chain attacks targeting developer tools. Malicious actors are increasingly infiltrating trusted platforms to distribute malware, exploiting the inherent trust developers place in these tools.

For instance, the ‘GlassWorm’ campaign compromised popular VSX extensions, turning them into malware delivery vehicles. Attackers gained access to a trusted publisher account and released updates that appeared routine but contained staged loaders. These extensions, with over 22,000 downloads, were widely used for tasks like file synchronization and mind mapping, transforming everyday development activities into potential attack vectors. ([cybersecuritynews.com](https://cybersecuritynews.com/glassworm-infiltrated-vsx-extensions/?utm_source=openai))

Similarly, the ‘SleepyDuck’ malware infiltrated the Open VSX marketplace by masquerading as a legitimate Solidity extension. It established persistent remote access to infected Windows systems while maintaining stealth through various evasion techniques. The malware communicated with a command-and-control server and utilized Ethereum blockchain contracts to maintain its infrastructure, allowing attackers to update control server addresses even if the primary domain was seized or taken offline. ([cybersecuritynews.com](https://cybersecuritynews.com/new-sleepyduck-malware-in-open-vsx-marketplace/?utm_source=openai))

Recommendations for Developers

To mitigate the risk of such attacks, developers are advised to:

1. Manage extensions vigilantly: Regularly review and audit installed extensions, paying close attention to recent updates and their sources.

2. Verify the source: Install extensions only from reputable publishers and verify their authenticity before installation.

3. Monitor for unusual activity: Be alert to unexpected system behavior, such as unauthorized network connections or unrecognized processes.

4. Deploy security tooling: Use security solutions capable of detecting and preventing malicious activity within development environments.

5. Stay informed: Keep abreast of the latest security advisories and updates related to development tools and extensions.

By adopting these practices, developers can enhance their defenses against supply chain attacks and safeguard their systems and data.