“To abuse Visual Studio Code for malicious purposes, an attacker can use the portable version of code.exe (the executable file for Visual Studio Code), or an already installed version of the software,” Fakterman noted. “By running the command code.exe tunnel, an attacker receives a link that requires them to log into GitHub with their own account.”
Visual Studio Code
Once this step is complete, the attacker is redirected to a Visual Studio Code web environment that’s connected to the infected machine, allowing them to run commands or create new files.
“To abuse Visual Studio Code for malicious purposes, an attacker can use the portable version of code.exe (the executable file for Visual Studio Code), or an already installed version of the software,” Fakterman noted. “By running the command code.exe tunnel, an attacker receives a link that requires them to log into GitHub with their own account.” Visual Studio Code
Once this step is complete, the attacker is redirected to a Visual Studio Code web environment that’s connected to the infected machine, allowing them to run commands or create new files.