CyberSecurityBoard
Sponsor Register Login

Hackers Turned Visual Studio Code As A Remote Access Tool

After successfully intercepting the exfiltrated data the threat actors exploit unauthorized access through GitHub’s authentication system by navigating to “hxxps://github[.]com/login/device” and utilizing stolen alphanumeric activation codes. Through this compromised VSCode tunnel connection, attackers can execute powerful hacking tools, including Mimikatz (for credential harvesting), LaZagne (for password recovery), In-Swor (for system reconnaissance), and Tscan (for network scanning). Researchers recently uncovered a sophisticated cyber attack campaign that begins with a malicious “.LNK” file. This collected data is “Base64” encoded and exfiltrated to a “C&C server” at “requestrepo[.]com/r/2yxp98b3,” by employing tactics similar to those used by the “Stately Taurus” Chinese APT group. The attack chain begins with a malicious .LNK file (Windows shortcut) containing an obfuscated Python script, bypassing traditional security measures. This sophisticated attack methodology demonstrates how legitimate development tools like VSCode can be weaponized through social engineering and technical exploitation. Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Cyber Security News Is a Dedicated News Channel For Hackers And Security Professionals. The Cyble Research and Intelligence Labs recently identified that hackers have turned the Visual Studio code into a remote access tool. Get Latest Hacker News & Cyber Security Newsletters update Daily.

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 04 Oct 2024 09:55:20 +0000


Cyber News related to Hackers Turned Visual Studio Code As A Remote Access Tool

Detecting Vulnerability Scanning Traffic From Underground Tools Using Machine Learning - Our structured query language (SQL) injection detection model detected triggers containing unusual patterns that did not correlate to any known open-source or commercial automated vulnerability scanning tool. We have tested all malicious payloads ...
2 months ago Unit42.paloaltonetworks.com
CVE-2008-3704 - Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 ...
6 years ago
Hackers Turned Visual Studio Code As A Remote Access Tool - After successfully intercepting the exfiltrated data the threat actors exploit unauthorized access through GitHub’s authentication system by navigating to “hxxps://github[.]com/login/device” and utilizing stolen alphanumeric ...
2 months ago Cybersecuritynews.com
How Hackers Interrupted GTA 5 Online Gameplay on PC - Recently, a cyber-attack on Grand Theft Auto 5 Online on PC caused an interruption to thousands of players’ gameplays. The game was completely taken offline and players couldn’t even access the main gameplay menu. The attack caused an uproar ...
1 year ago Hackread.com
RustDoor malware targets macOS users by posing as a Visual Studio Update - A new malware called RustDoor is targeting macOS users. The malware has been undetected for 3 months, and poses as a Microsoft Visual studio Update. ADVERTISEMENT. The malware was discovered by Bitdefender. Bitdefender products identify the malware ...
10 months ago Ghacks.net
Optimizing Cybersecurity: How Hackers Use Golang Source Code Interpreter to Evade Detection - Hackers have been upping the stakes when it comes to executing cyberattacks, and an increasingly popular tool in their arsenal is the Golang source code interpreter. Reportedly, the interpreter is used to obfuscate code, thus making it harder for ...
1 year ago Bleepingcomputer.com
LMSYS launches 'Multimodal Arena': GPT-4 tops leaderboard, but AI still can't out-see humans - The arena collected over 17,000 user preference votes across more than 60 languages in just two weeks, offering a glimpse into the current state of AI visual processing capabilities. OpenAI's GPT-4o model secured the top position in the Multimodal ...
5 months ago Venturebeat.com
CVE-2024-26152 - ### Summary ...
9 months ago
Hackers Weaponize Microsoft Visual Studio Add-Ins to Push Malware - Security researchers have warned that hackers may start using Microsoft Visual Studio Tools for Office (VSTO) more often as a method to achieve persistence and execute code on a target machine via malicious Office add-ins. This technique is an ...
1 year ago Bleepingcomputer.com
Google Adds Gemini Pro API to AI Studio and Vertex AI - Google also announced Duet AI for Developers and Duet AI in Security Operations, but neither uses Gemini yet. Starting Dec. 13, developers can use Google AI Studio and Vertex AI to build applications with the Gemini Pro API, which allows access to ...
1 year ago Techrepublic.com
CVE-2020-1416 - An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies, aka 'Visual Studio and Visual Studio Code Elevation of Privilege Vulnerability'. ...
1 year ago
CVE-2012-0008 - Untrusted search path vulnerability in Microsoft Visual Studio 2008 SP1, 2010, and 2010 SP1 allows local users to gain privileges via a Trojan horse add-in in an unspecified directory, aka "Visual Studio Add-In Vulnerability." Per: ...
6 years ago
Hackers breach Australian court hearing database - The court system for Australia's second-most-populated state was hit by a ransomware attack that potentially exposed sensitive recordings of some court hearings. Court Services Victoria, an administrative body that supports the operations of the ...
11 months ago Therecord.media
Holiday Hackers: How to Safeguard Your Service Desk - Hackers really don't take holidays, but they will take advantage of them. Many of these cyberattacks will zero in on the service or help desk to gain entry into network systems. Recovering accounts because of forgotten passwords is one of the ...
1 year ago Bleepingcomputer.com
Booking.com hackers increase attacks on customers - Hackers are increasing their attacks on Booking.com customers by posting adverts on dark web forums asking for help finding victims. Cyber-criminals are offering up to $2,000 for login details of hotels as they continue to target the people who are ...
1 year ago Bbc.com
Best Paid and Free OSINT Tools for 2024 - Open Source Intelligence tools are software applications or platforms used to collect, analyze, and interpret publicly available information from various online sources, aiding in investigations, research, and intelligence gathering. These OSINT ...
8 months ago Hackread.com
Hacker Conversations: Chris Evans, Hacker and CISO - Chris Evans is CISO and chief hacking officer at HackerOne. SecurityWeek's Hacker Conversations series seeks to understand the mind and motivations of hackers by talking to hackers. Evans challenges the common perception of both hackers and their ...
5 months ago Securityweek.com
Dissecting GootLoader With Node.js - This article shows how to circumvent anti-analysis techniques from GootLoader malware while using Node.js debugging in Visual Studio Code. In our debugging endeavor for GootLoader files, we use a Windows host with Node.js JavaScript runtime and ...
5 months ago Unit42.paloaltonetworks.com
CVE-2006-1043 - Stack-based buffer overflow in Microsoft Visual Studio 6.0 and Microsoft Visual InterDev 6.0 allows user-assisted attackers to execute arbitrary code via a long DataProject field in a (1) Visual Studio Database Project File (.dbp) or (2) Visual ...
6 years ago
The Unlikely Romance of Hackers and Government Suitors - The annual Hack the Capitol event brings together a diverse group of scientists, hackers, and policymakers to educate congressional staffers, scholars, and the press about the most critical cybersecurity challenges facing our nation. Hack the Capitol ...
1 year ago Darkreading.com
FBI disrupts Moobot botnet used by Russian military hackers - The FBI took down a botnet of small office/home office routers used by Russia's Main Intelligence Directorate of the General Staff in spearphishing and credential theft attacks targeting the United States and its allies. This network of hundreds of ...
10 months ago Bleepingcomputer.com
North Korean Hackers Use Fake Job Offers & Salary Bumps as Lure for Crypto Theft - Recent investigations have uncovered a massive operation carried out by North Korean hackers looking to steal cryptocurrency through fake job offers and salary bumps. According to recent reports, hackers have been able to trace the malicious ...
1 year ago Therecord.media
Why Have Big Cybersecurity Hacks Surged in 2023? - Payments made to hackers who hold systems hostage for ransom increased by almost half through September, according to blockchain analytics firm Chainalysis Inc., totaling almost $500 million in payouts. In just the past few months, hackers have ...
1 year ago Bloomberg.com
Hackers Fix Polish Train Glitch, Face Legal Pushback by the Manufacturer - In a recent cybersecurity incident, three Polish hackers achieved success in repairing the malfunctioning software of a train, initially serviced by independent repair shops for a regional rail operator. The narrative took a twist when accusations ...
1 year ago Hackread.com
North Korean Hackers Utilizing Credential Stuffing to Launch Cyberattacks - In an alarming new report, researchers found that North Korean-linked hackers have been using stolen passwords during cyberattacks to gain access to various government, military and financial networks. According to security experts, the creative ...
1 year ago Thehackernews.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)