• Kuinox@lemmy.world
    link
    fedilink
    arrow-up
    1
    arrow-down
    4
    ·
    5 months ago

    I hopped people here would notice that their “malicious code” detection is totally bogus when the malicious code highlighted hit a local IP address.

    • Skydancer@pawb.social
      link
      fedilink
      arrow-up
      1
      ·
      5 months ago

      Good point. That was in the “static IP” category and not counted in the 200+ million install “malicious code” category, though. It could be a warning sign of false positives, but the example was such a small snippet it could also be opening after a VPN is established. That example was supposedly part of code that opens a connection for shell access from the other end, but without more details it’s not really possible to say.

      • Kuinox@lemmy.world
        link
        fedilink
        arrow-up
        1
        arrow-down
        2
        ·
        5 months ago

        Tons of devtools summons cmd.exe and do networks. Their claim is that more than 10% of the vscode marketplate is malicious package (i just divided the number of extensions they says is malicious, by the number of extensions)