A new campaign involving malicious Visual Studio Code (VS Code) extensions has exposed a loophole in the VS Code Marketplace that allows threat actors to reuse names of previously removed packages.
The extensions, which carried the name “shiba,” delivered ransomware through a multi-stage attack.
How the Attack Works
ReversingLabs researchers found that one of the malicious extensions, ahbanC.shiba, was a simple downloader.
Once installed, it executed the command shiba.aowoo, which retrieved a second payload from a remote server. The script encrypted files in a designated test folder and demanded ransom in the form of one Shiba Inu token, an Ethereum-based cryptocurrency. Notably, as in earlier cases, no actual wallet address was provided for payment.
This technique mirrored an earlier case in the Python Package Index (PyPI), where attackers reused the name of a removed package to spread malware.
The reuse of names on VS Code Marketplace, however, contradicts the platform’s own documentation, which states extension names must be unique.
Read more on software supply chain attacks: Supply Chain Incident Imperils Glasgow Council Services and Data
The ReversingLabs investigation revealed that the issue stems from how VS Code handles extension removal. Marketplace publishers can either unpublish or remove an extension. While unpublished extensions retain their names and statistics, removed extensions free up their names for anyone to reuse. This gap allowed attackers to republish malicious code under names associated with previously deleted extensions.
ReversingLabs confirmed this flaw by successfully publishing new test extensions under names previously used by malicious packages, such as “Solidity-Ethereum.”
Broader Implications for Malware Delivery
The timeline of the shiba campaign showed repeated use of this tactic. Extensions under different publishers but sharing the same name surfaced from late 2024 through mid-2025.
Researchers noted that, while this incident likely has no link to ransomware groups like Black Basta, the strategy aligns with broader criminal interest in leveraging public repositories for malware delivery.
Key takeaways from ReversingLabs’ findings include:
-
Removed extension names can be reused freely
-
Malicious actors can exploit this to impersonate legitimate tools
-
Developers must remain cautious when adding Marketplace packages
“VS Code Marketplace is becoming more and more popular amongst malicious actors,” ReversingLabs researchers said.
“The discovery of this loophole opens a new can of worms.”
At the time of writing, there is no public indication that Microsoft has taken action specifically to address the ability for different publishers to reuse extension names once a package is removed.