Trade
Basic
Futures
Futures
Hundreds of contracts settled in USDT or BTC
TradFi
Gold
Trade global traditional assets with USDT in one place
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Futures Kickoff
Get prepared for your futures trading
Futures Events
Participate in events to win generous rewards
Demo Trading
Use virtual funds to experience risk-free trading
Earn
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Launchpad
Be early to the next big token project
Alpha Points
New
Trade on-chain assets and enjoy airdrop rewards!
Futures Points
New
Earn futures points and claim airdrop rewards
Investment
Simple Earn
Earn interests with idle tokens
Auto-Invest
Auto-invest on a regular basis
Dual Investment
Buy low and sell high to take profits from price fluctuations
Soft Staking
Earn rewards with flexible staking
Crypto Loan
0 Fees
Pledge one crypto to borrow another
Lending Center
One-stop lending hub
VIP Wealth Hub
Customized wealth management empowers your assets growth
Private Wealth Management
Customized asset management to grow your digital assets
Quant Fund
Top asset management team helps you profit without hassle
Staking
Stake cryptos to earn in PoS products
Smart Leverage
New
No forced liquidation before maturity, worry-free leveraged gains
GUSD Minting
Use USDT/USDC to mint GUSD for treasury-level yields
More
North Korea-originated espionage operation compromises developers via VS Code extensions
According to reports circulated on social media, groups associated with North Korea are using sophisticated social engineering techniques to trick programmers into opening malicious projects in Visual Studio Code. Once the developer opens these seemingly legitimate projects, the hidden code is automatically executed, performing harmful actions in the background without the user’s consent.
The Attack Mechanism: Code Recovery and Backdoor Deployment
The compromise strategy works through a well-defined process. First, the malicious code retrieves JavaScript scripts stored on the Vercel platform, a popular infrastructure for hosting web applications. Then, it establishes backdoors in the victim’s system, allowing intruders to gain remote control over the machine and execute arbitrary commands. This level of access is particularly dangerous for developers, as it can compromise not only their personal machines but also the projects and repositories they have access to.
The Security Gap That Went Unnoticed
The most concerning aspect of this incident involves the timeline of its discovery. The malicious repository identified as ‘VSCode-Backdoor’ had been publicly available on GitHub for several months, accessible to anyone performing a superficial search. Despite being exposed during this considerable period, the security community and the general public only recently became aware of the threat. This delay in recognition highlights a critical failure in detection mechanisms and community vigilance on code sharing platforms.
Implications for Developers and Open Source Communities
The operation coordinated by North Korea marks a turning point in attack tactics targeting the software development ecosystem. Unlike previous threats that targeted specific systems, this campaign exploits the trust inherently linked to collaborative development environments. Developers should adopt more rigorous verification practices before executing code from unknown sources, while open source communities need to strengthen their mechanisms for detecting malicious artifacts.