TigerJack Hackers Target Developer Marketplaces with 11 Malicious VS Code Extensions

Sophisticated Threat Actor Compromises 17,000+ Developers Through Trojan Extensions That Steal Code and Mine Cryptocurrency.

Operating since early 2025 under multiple publisher accounts (ab-498, 498, and 498-00), this sophisticated campaign deploys extensions that steal source code, mine cryptocurrency, and establish remote backdoors for complete system control.

A newly identified threat actor known as TigerJack has successfully infiltrated developer marketplaces with at least 11 malicious Visual Studio Code extensions, compromising over 17,000 developers worldwide.

The two most successful malicious extensions, “C++ Playground” and “HTTP Format,” were quietly removed from Microsoft’s VS Code marketplace after months of operation.

However, both extensions remain fully operational in the OpenVSX marketplace, which powers alternative IDEs like Cursor and Windsurf, continuing to compromise developers months after their removal from Microsoft’s platform.

Even more concerning, during the investigation of this operation, TigerJack republished the same malicious code under new names in Microsoft’s marketplace, demonstrating the persistent nature of this threat.

The Perfect Disguise

What makes TigerJack’s operation particularly insidious is that these extensions actually work as advertised.

Like its companion malware, the “HTTP Format” extension actually works: install it, press Ctrl+Shift+F on an HTTP file, and your messy API requests come out cleanly formatted.

HTTP Format.

The “C++ Playground” extension delivers everything it promises: real-time code compilation, automatic formatting using Google’s C++ style guide, error highlighting, and seamless VS Code integration.

For any developer evaluating the tool, it appears to be a polished, professional-grade extension.

But beneath this veneer lies sophisticated malware. The extension activates automatically when VS Code starts and registers a document change listener that monitors every C++ file.

Every keystroke triggers a function after a 500-millisecond delay, capturing complete source code and transmitting it to multiple endpoints including ab498.pythonanywhere.com and api.codex.jaagrav.in.

The malware operates with surgical precision, only activating for C++ files to avoid detection, while capturing everything from breakthrough algorithms to proprietary company code.

The “HTTP Format” extension employs a different attack vector. While providing legitimate HTTP file formatting functionality, it secretly turns infected machines into cryptocurrency mining rigs.

httpformat – removed from VSCode but still live on OpenVSX.

The extension contains hardcoded CoinIMP mining service credentials, establishing connections to balance monitoring, user management, and cryptocurrency withdrawal endpoints.

Infected developers experience constantly running fans, system lag, and degraded performance while TigerJack profits from their hijacked CPU resources.

Meanwhile, for TigerJack, it’s effortless. Every infected machine becomes a passive income stream – invisible, automated, and scalable.

Secret crypto mining by the extension increases the computer’s CPU usage.

Remote Backdoor Access

The most alarming discovery involves three extensions under the “498” publisher account that contain remote code execution capabilities.

These extensions establish persistent backdoors that check for new commands every 20 minutes, downloading and executing arbitrary JavaScript from TigerJack’s server using the dangerous eval() function.

This remote access capability transforms the operation from targeted malware into an open door for any attack. TigerJack can dynamically push payloads to steal credentials, deploy ransomware, use compromised developer machines as entry points into corporate networks, inject backdoors into projects, or monitor activity in real-time without ever updating the extension. This represents sophisticated attack infrastructure designed for maximum flexibility and control.
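For teams that want to check their own machines, the following is an added example (not tooling from the article or from Microsoft/OpenVSX) that walks a VS Code extensions directory and flags the indicators described above: the three publisher accounts, the two exfiltration domains named for “C++ Playground”, a reference to the CoinIMP mining service, and the timer-plus-network-plus-eval() pattern of the polling backdoor. The publisher IDs and domains come from the article; the regular expressions, function names and the default `~/.vscode/extensions` path (the standard per-user layout, Cursor and Windsurf keep their own directories) are this example’s own assumptions, so treat the behavioural heuristic as a triage hint, not proof.

```python
"""Defensive triage scan of an extensions directory for the indicators reported
in the TigerJack write-up. Publisher IDs and domains are from the article; the
heuristics and all function names are this example's own assumptions."""
import json
import re
import sys
from pathlib import Path

# Indicators quoted in the article.
SUSPECT_PUBLISHERS = {"ab-498", "498", "498-00"}
SUSPECT_DOMAINS = {"ab498.pythonanywhere.com", "api.codex.jaagrav.in"}

# Behavioural heuristic (assumption): a periodic timer, a network call and
# eval() in the same file is the shape of the polling backdoor described above.
EVAL_RE = re.compile(r"\beval\s*\(")
TIMER_RE = re.compile(r"\bsetInterval\s*\(")
NET_RE = re.compile(
    r"\b(?:fetch|https?\.(?:get|request)|axios(?:\.\w+)?)\s*\("
    r"|\brequire\(\s*['\"](?:https?|node-fetch|axios)['\"]\s*\)"
)
MINER_RE = re.compile(r"coinimp", re.IGNORECASE)


def analyze_manifest(manifest: dict) -> list[str]:
    """Flag a package.json whose publisher is one of the known accounts."""
    publisher = str(manifest.get("publisher", ""))
    if publisher in SUSPECT_PUBLISHERS:
        return [f"publisher '{publisher}' is a TigerJack account"]
    return []


def analyze_source(text: str) -> list[str]:
    """Flag known endpoints, the mining service, and the timer+network+eval pattern."""
    findings = []
    lowered = text.lower()
    for domain in sorted(SUSPECT_DOMAINS):
        if domain in lowered:
            findings.append(f"contacts known exfiltration endpoint {domain}")
    if MINER_RE.search(text):
        findings.append("references CoinIMP mining service")
    if EVAL_RE.search(text) and TIMER_RE.search(text) and NET_RE.search(text):
        findings.append("timer + network + eval(): remote-command pattern")
    return findings


def scan_extension(ext_dir: Path) -> list[str]:
    """Scan one installed extension: its manifest and its own JS (not node_modules)."""
    findings = []
    manifest_path = ext_dir / "package.json"
    if manifest_path.is_file():
        try:
            manifest = json.loads(manifest_path.read_text(encoding="utf-8", errors="replace"))
            findings += analyze_manifest(manifest)
        except json.JSONDecodeError:
            findings.append("package.json is not valid JSON")
    for js in ext_dir.rglob("*.js"):
        if "node_modules" in js.parts:
            continue
        hits = analyze_source(js.read_text(encoding="utf-8", errors="replace"))
        findings += [f"{js.relative_to(ext_dir)}: {hit}" for hit in hits]
    return findings


def scan_extensions_root(root: Path) -> dict[str, list[str]]:
    """Map extension directory name -> findings, keeping only directories with hits."""
    report = {}
    for ext_dir in sorted(p for p in root.iterdir() if p.is_dir()):
        findings = scan_extension(ext_dir)
        if findings:
            report[ext_dir.name] = findings
    return report


if __name__ == "__main__":
    # Default path is the usual per-user VS Code layout (assumption); pass another root as argv[1].
    root = Path(sys.argv[1]) if len(sys.argv) > 1 else Path.home() / ".vscode" / "extensions"
    for name, findings in scan_extensions_root(root).items():
        print(name)
        for finding in findings:
            print("  -", finding)
```

Run it against each IDE’s extension directory on a developer machine; a publisher or domain hit is an indicator worth acting on, while the behavioural hit alone should be reviewed by hand, since legitimate extensions occasionally combine timers, network access and dynamic evaluation.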

Investigation reveals a coordinated campaign spanning 11 extensions across three publisher accounts, employing professional-level social engineering tactics including GitHub repositories for credibility, consistent branding, detailed feature lists, and strategic naming that mimics legitimate tools.

Analysis uncovered a particularly insidious trojan horse tactic: several extensions were initially uploaded as completely benign tools with no malicious code.

This approach allowed TigerJack to accumulate positive reviews, pass security scans, and establish legitimacy before pushing updates that introduced malicious functionality.

Developers who had vetted extensions before installation unknowingly received compromised tools through later updates.
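Because the tactic above defeats a one-time review, the useful control is to record what was vetted and re-review anything that changes. The following is an added example, not tooling from the article, that snapshots installed extensions as `publisher.name -> version` and diffs a current snapshot against a saved baseline; the directory layout it assumes (`<root>/<dir>/package.json`) is the standard per-user one, and the baseline file name is this example’s own choice.

```python
"""Baseline-and-diff check for installed extensions (added example).
Snapshots <publisher>.<name> -> version from each extension's package.json and
reports additions, removals and version changes since the last vetted baseline."""
import json
import sys
from pathlib import Path


def snapshot(root: Path) -> dict[str, str]:
    """Map '<publisher>.<name>' -> version for every extension directory under root."""
    result = {}
    for ext_dir in sorted(p for p in root.iterdir() if p.is_dir()):
        manifest_path = ext_dir / "package.json"
        if not manifest_path.is_file():
            continue
        try:
            manifest = json.loads(manifest_path.read_text(encoding="utf-8", errors="replace"))
        except json.JSONDecodeError:
            continue
        key = f"{manifest.get('publisher', '?')}.{manifest.get('name', ext_dir.name)}"
        result[key] = str(manifest.get("version", "?"))
    return result


def diff_manifests(baseline: dict[str, str], current: dict[str, str]) -> dict:
    """Compare two snapshots; version changes are reported as (id, old, new)."""
    added = sorted(k for k in current if k not in baseline)
    removed = sorted(k for k in baseline if k not in current)
    updated = sorted(
        (k, baseline[k], current[k])
        for k in current
        if k in baseline and baseline[k] != current[k]
    )
    return {"added": added, "removed": removed, "updated": updated}


def needs_review(diff: dict) -> bool:
    """Anything new or updated has not been vetted at this version."""
    return bool(diff["added"] or diff["updated"])


if __name__ == "__main__":
    # Usage: baseline_check.py <extensions-root> [--accept]   (file name is this example's choice)
    root = Path(sys.argv[1]) if len(sys.argv) > 1 else Path.home() / ".vscode" / "extensions"
    baseline_file = Path("vetted-extensions.json")
    current = snapshot(root)
    if "--accept" in sys.argv or not baseline_file.exists():
        baseline_file.write_text(json.dumps(current, indent=2, sort_keys=True))
        print(f"baseline written: {len(current)} extensions")
        sys.exit(0)
    diff = diff_manifests(json.loads(baseline_file.read_text()), current)
    for ext_id in diff["added"]:
        print("ADDED   ", ext_id, current[ext_id])
    for ext_id, old, new in diff["updated"]:
        print("UPDATED ", ext_id, old, "->", new)
    for ext_id in diff["removed"]:
        print("REMOVED ", ext_id)
    sys.exit(1 if needs_review(diff) else 0)
```

Pair this with turning off silent updates (`extensions.autoUpdate` set to `false` in VS Code settings) so that a version bump only lands after someone has looked at the new release.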

On September 17, 2025, TigerJack launched a coordinated republication campaign, simultaneously publishing five extensions under the new “498-00” publisher account, including “cppplayground” which repackaged the same malicious code from the original removed extension.

The Marketplace Security Failure

The TigerJack operation exposes fundamental flaws in the fragmented developer marketplace ecosystem.

Microsoft’s eventual removal involved silent deletion with zero user notification – no security advisory, no warning to the 17,000+ compromised developers, just extension IDs buried in an obscure GitHub repository.

More concerning is that both malicious extensions remain fully operational in the OpenVSX marketplace with professional descriptions, user reviews, and verified badges creating an illusion of safety.

Alternative marketplaces appear to have virtually no security detection mechanisms, creating a security shell game where malware migrates between platforms while developers remain unknowingly exposed.

When security operates in silos, sophisticated threat actors simply exploit the gaps between platforms, republishing removed malware with minimal friction.

About Cybernoz

Security researcher and threat analyst with expertise in malware analysis and incident response.