12 points navad 19 hours ago 1 comments
While setting up a new dev machine today, we noticed that there's a new plugin, listed 3 days ago with more than 2M (fake?) downloads on the MS VSCode Marketplace [0] and OpenVSX [1].
Reverse engineering is still in progress but you probably want to make sure that you don't have this plugin installed and running.
[0] https://marketplace.visualstudio.com/items?itemName=AhmedCrypto.ahmedcrypto1
[1] https://open-vsx.org/extension/juanbIanco/solibidity
mtmail 18 hours ago | parent
Looks like a clone of https://marketplace.visualstudio.com/items?itemName=JuanBlan... (1.3M downloads, 10 years old). So question is how they possibly faked the 2M downloads.