
Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension

by Wikdaily


Cybersecurity researchers have flagged a supply chain attack targeting a Microsoft Visual Studio Code (VS Code) extension called Ethcode that has been installed a little over 6,000 times.

The compromise, per ReversingLabs, occurred via a GitHub pull request that was opened by a user named Airez299 on June 17, 2025.

First released by 7finney in 2022, Ethcode is a VS Code extension used to deploy and execute Solidity smart contracts on Ethereum Virtual Machine (EVM)-based blockchains. An EVM is a decentralized computation engine designed to run smart contracts on the Ethereum network.

According to the supply chain security company, the GitHub project received its last non-malicious update on September 6, 2024. That changed last month when Airez299 opened a pull request with the message “Modernize codebase with viem integration and testing framework.”

The user claimed to have added a new testing framework with Mocha integration and contract testing features, as well as to have made a number of other changes, including removing old configurations and updating the dependencies to their latest versions.

While that may seem like a useful update for a project that had lain dormant for over nine months, ReversingLabs said the unknown threat actor behind the attack managed to sneak in two lines of code, hidden among 43 commits and roughly 4,000 changed lines, that compromised the entire extension.

Those two lines added an npm dependency named “keythereum-utils” to the project’s package.json file and imported it in the TypeScript entry point of the VS Code extension (“src/extension.ts”).

The JavaScript library, now taken down from the npm registry, has been found to be heavily obfuscated and contains code to download an unknown second-stage payload. The package has been downloaded 495 times.

Multiple versions of “keythereum-utils” have been uploaded to npm by users named 0xlab (version 1.2.1), 0xlabss (versions 1.2.2, 1.2.3, 1.2.4, 1.2.5, and 1.2.6), and 1xlab (version 1.2.7). The npm accounts no longer exist.

“After deobfuscating the keythereum-utils code, it became easy to see what the script does: spawn a hidden PowerShell that downloads and runs a batch script from a public file-hosting service,” security researcher Petar Kirhmajer said.

While the exact nature of the payload is not known, it’s believed to be a piece of malware that’s either capable of stealing cryptocurrency assets or poisoning the contracts that are being developed by users of the extension.

Following responsible disclosure to Microsoft, the extension was removed from the VS Code Extensions Marketplace. After the removal of the malicious dependency, the extension has since been reinstated.

“Ethcode package has been unpublished by Microsoft,” 0mkara, a project maintainer for the tool, said in a pull request submitted on June 28. “They detected a malicious dependency in Ethcode. This PR removes potential malicious repository keythereum from the package.”

Ethcode is the latest example of a broader and escalating trend of software supply chain attacks, where attackers weaponize public repositories like PyPI and npm to deliver malware directly into developer environments.

“The GitHub account Airez299 that initiated the Ethcode pull request was created on the same day as the PR request was opened,” ReversingLabs said. “Accordingly, the Airez299 account does not have any previous history or activity associated with it. This strongly indicates that this is a throwaway account that was created solely for the purpose of infecting this repo — a goal in which they were successful.”
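The two signals described above, a pull request that quietly adds a dependency and imports it from the extension's entry point, and a PR author whose account was created the same day the PR was opened, are both cheap to check mechanically before a merge. The following pre-merge check is an added example written for this article; it is not code from the article, from ReversingLabs, or from the Ethcode project. It assumes a CI step hands it the base and head versions of package.json, the head version of the source file, and the author's account creation timestamp (as returned by the GitHub users API); every package name, timestamp and the 30-day account-age threshold below are constructed or assumed for illustration.

```javascript
// Added example: pre-merge review check for newly introduced npm dependencies
// and very new PR author accounts. Not code from the article or the Ethcode
// project; all sample values are constructed for illustration.

const DEP_FIELDS = ["dependencies", "devDependencies", "optionalDependencies", "peerDependencies"];

// Compare the dependency maps of two package.json documents (base branch vs.
// PR head) and report entries that were added or whose version range changed.
function diffDependencies(baseJson, headJson) {
  const base = JSON.parse(baseJson);
  const head = JSON.parse(headJson);
  const added = [];
  const changed = [];
  for (const field of DEP_FIELDS) {
    const before = base[field] || {};
    const after = head[field] || {};
    for (const [name, range] of Object.entries(after)) {
      if (!(name in before)) {
        added.push({ field, name, range });
      } else if (before[name] !== range) {
        changed.push({ field, name, from: before[name], to: range });
      }
    }
  }
  return { added, changed };
}

// Reduce an import specifier to its npm package name ("@scope/pkg/sub" -> "@scope/pkg",
// "pkg/lib/x" -> "pkg"). Relative and absolute paths are not packages and yield null.
function packageNameOf(specifier) {
  if (specifier.startsWith(".") || specifier.startsWith("/")) return null;
  const parts = specifier.split("/");
  return specifier.startsWith("@") ? parts.slice(0, 2).join("/") : parts[0];
}

// Find import/require statements in a source file that pull in any of the
// newly added packages, so the reviewer sees where the new code is wired in.
// Handles `import "x"`, `import ... from "x"`, `import("x")` and `require("x")`.
function importsOfAddedPackages(sourceText, addedNames) {
  const wanted = new Set(addedNames);
  const hits = [];
  const re = /(?:\bimport\s*\(?\s*|\bfrom\s*|\brequire\s*\(\s*)["']([^"']+)["']/g;
  let m;
  while ((m = re.exec(sourceText)) !== null) {
    const pkg = packageNameOf(m[1]);
    if (pkg && wanted.has(pkg)) hits.push(pkg);
  }
  return hits;
}

// Age of the author's account, in days, at the moment the PR was opened.
function accountAgeDaysAtPr(authorCreatedAt, prOpenedAt) {
  return (Date.parse(prOpenedAt) - Date.parse(authorCreatedAt)) / 86400000;
}

// Gate automatic merging: any new dependency, or an author account younger
// than minAccountAgeDays (an assumed threshold), requires a human review.
function reviewPullRequest(pr, minAccountAgeDays = 30) {
  const deps = diffDependencies(pr.basePackageJson, pr.headPackageJson);
  const addedNames = deps.added.map((d) => d.name);
  const wiredIn = importsOfAddedPackages(pr.headSource, addedNames);
  const ageDays = accountAgeDaysAtPr(pr.authorCreatedAt, pr.openedAt);
  const findings = deps.added.map((d) => `new ${d.field} entry: ${d.name}@${d.range}`);
  for (const pkg of wiredIn) findings.push(`new package "${pkg}" is imported by the PR's source`);
  if (ageDays < minAccountAgeDays) {
    findings.push(`author account was ${ageDays.toFixed(2)} days old when the PR was opened`);
  }
  const requiresManualReview = deps.added.length > 0 || ageDays < minAccountAgeDays;
  return { requiresManualReview, ageDays, deps, wiredIn, findings };
}

// Constructed sample PR: one new runtime dependency that is imported from the
// extension entry point, one bumped dependency, and an author account created
// a few hours before the PR was opened. Package names and times are made up.
const SAMPLE_PR = {
  basePackageJson: JSON.stringify({ name: "example-extension", dependencies: { ethers: "^5.7.0" }, devDependencies: { mocha: "^10.0.0" } }),
  headPackageJson: JSON.stringify({ name: "example-extension", dependencies: { ethers: "^6.0.0", "example-new-util": "^1.2.1" }, devDependencies: { mocha: "^10.0.0" } }),
  headSource: 'import * as vscode from "vscode";\nimport "example-new-util";\nimport { ethers } from "ethers";\n',
  authorCreatedAt: "2025-06-17T08:00:00Z", // constructed
  openedAt: "2025-06-17T14:00:00Z", // constructed
};

const result = reviewPullRequest(SAMPLE_PR);
for (const f of result.findings) console.log("REVIEW:", f);
console.log(result.requiresManualReview ? "manual review required" : "no findings");
```

The check deliberately reports a changed version range separately from a newly added package: a bump of an existing dependency is routine, whereas a brand-new package that the same PR also imports from the entry point is exactly the pattern to read line by line, and the author's account age is a second, independent signal that a reviewer can weigh without trusting the PR description.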

According to data compiled by Sonatype, 16,279 pieces of open-source malware have been discovered in the second quarter of 2025, a 188% jump year-over-year. In comparison, 17,954 pieces of open-source malware were uncovered in Q1 2025.

Of these, more than 4,400 malicious packages were engineered to harvest and exfiltrate sensitive information such as credentials and API tokens.

“Malware targeting data corruption doubled in frequency, making up 3% of total malicious packages — more than 400 unique instances,” Sonatype said. “These packages aim to damage files, inject malicious code, or otherwise sabotage applications and infrastructure.”

A total of 107 malicious packages, collectively downloaded over 30,000 times, have been attributed to the North Korea-linked Lazarus Group. Another set of more than 90 npm packages has been associated with a Chinese threat cluster dubbed Yeshen-Asia, active since at least December 2024, that harvests system information and the list of running processes.

These numbers underscore the growing sophistication of attacks targeting developer pipelines, with attackers increasingly exploiting the trust in open-source ecosystems to carry out supply chain compromises.

“Each was published from a distinct author account, each hosted just one malicious component, and all communicated with infrastructure behind Cloudflare-protected yeshen.asia domains,” the company said.

“Although no novel techniques were observed in this second wave, the level of automation and infrastructure reuse reflect a deliberate, persistent campaign focused on credential theft and secret exfiltration.”

The development comes as Socket identified eight fake gaming-related extensions in the Mozilla Firefox Add-ons store that harbored varying levels of malicious functionality, ranging from adware to Google OAuth token theft.

Specifically, some of these extensions have also been found to redirect to gambling sites, serve bogus Apple virus alerts, and stealthily route shopping sessions through affiliate tracking links to earn commissions, and even track users by injecting invisible tracking iframes containing unique identifiers.

The names of the add-ons, all published by a threat actor with the username “mre1903,” are below –

“Browser extensions remain a favored attack vector due to their trusted status, extensive permissions, and ability to execute within the browser’s security context,” Socket researcher Kush Pandya said. “The progression from simple redirect scams to OAuth credential theft demonstrates how quickly these threats evolve and scale.”

“More concerning, the redirect infrastructure could easily be repurposed for more intrusive behavior such as comprehensive tracking, credential harvesting, or malware distribution.”
