• Skydancer
    link
    fedilink
    arrow-up
    2
    ·
    5 months ago

    Good point. That was in the “static IP” category and not counted in the 200+ million install “malicious code” category, though. It could be a warning sign of false positives, but the example was such a small snippet it could also be opening after a VPN is established. That example was supposedly part of code that opens a connection for shell access from the other end, but without more details it’s not really possible to say.

    • Kuinox@lemmy.world
      link
      fedilink
      arrow-up
      1
      arrow-down
      2
      ·
      5 months ago

      Tons of devtools summons cmd.exe and do networks. Their claim is that more than 10% of the vscode marketplate is malicious package (i just divided the number of extensions they says is malicious, by the number of extensions)