AI-Powered Ransomware: When Your Code Editor Has a Dark Sense of Humor
Cybersecurity researchers have flagged a malicious Visual Studio Code extension with basic ransomware capabilities, allegedly created with AI—vibe-coded, if you will. Fortunately, this “test” extension, “susvsex,” targets a staging directory, but it’s a reminder to always be wary when installing new extensions.
Hot Take:
Looks like AI is finding new ways to express itself, and this time, it’s decided to try its hand at ransomware. Who knew the future of coding would be “vibe-coded” malware with a side of GitHub shenanigans? It’s like AI decided to take a gap year and picked “Cybercriminal Intern” as its job title. But hey, at least it’s not asking for a salary yet.
Key Points:
– A VS Code extension with ransomware capabilities was found, thanks to AI’s questionable career choices.
– The extension, called “susvsex,” was easily detectable and quickly removed by Microsoft.
– It included a ransomware function that zips, uploads, and encrypts files in a test directory.
– The extension’s creator left all the juicy details and tools wide open for everyone in the code.
– Meanwhile, npm is having its own drama with 17 packages distributing the Vidar Stealer.