Back to LinkedIn posts

LinkedIn post 79

๐Ÿšจ Careful out there! Threat actors are targeting developers and their tools.

๐Ÿšจ Careful out there! Threat actors are targeting developers and their tools.

This Jamf Threat Labs article shows the "Contagious Interview" - the use of malicious Visual Studio Code project files to open backdoors and enable remote code execution.

ARTICLE:
๐Ÿ”— https://lnkd.in/eRqeRE5p

๐Ÿ”น Bad people are hosting Git repositories that appear legitimate ("here is the interview assignment")
๐Ÿ”น When a developer opens the project and trusts it in VS Code, a tasks.json causes VS Code to executes commands.
๐Ÿ”น Those commands fetch obfuscated JavaScript payloads and silently install a persistent backdoor.

๐Ÿ‘‰ The standard safeguard is to review repository contents and limit trust decisions.

๐Ÿšจ Careful out there! Threat actors are targeting developers and their tools.
๐Ÿšจ Careful out there! Threat actors are targeting developers and their tools.