Cyble Discovers Cyberattack Using VSCode For Remote Access
Cyble Research and Intelligence Lab (CRIL) researchers have uncovered a sophisticated campaign that starts with a suspicious .LNK file and uses Visual Studio Code (VSCode) to establish persistence and remote access – and installs the VSCode command line interface (CLI) if VSCode isn’t found on the victim machine. The attack