Cybersecurity experts have identified a sophisticated campaign by North Korean threat actors, tracked as WaterPlum, deploying a modular malware family known as StoatWaffle through malicious Microsoft Visual Studio Code (VS Code) projects. The campaign, dubbed Contagious Interview, targets developers and cryptocurrency professionals with social engineering tactics.
Auto-Execution via VS Code Tasks
The attackers leverage the tasks.json file in VS Code projects, abusing the runOptions setting runOn: "folderOpen" so that a task's command runs automatically as soon as the project folder is opened in VS Code, with no build or debug action required from the victim. The technique, first observed in December 2025, is platform-agnostic: tasks.json supports per-OS command overrides, so the same project can infect Windows, macOS, and Linux hosts.
The malware initiates by checking for Node.js in the environment. If absent, StoatWaffle installs it from the official source. It then launches a downloader, periodically polling an external server to fetch further payloads, ultimately executing them as Node.js code.

Modular Capabilities: Stealer and RAT
StoatWaffle comprises two primary modules:
- Stealer Module: Extracts saved credentials and browser-extension data (including cryptocurrency wallet extensions) from Chromium-based browsers and Firefox and uploads them to a command-and-control (C2) server. On macOS, it additionally targets iCloud Keychain data.
- RAT Module: Provides remote access, enabling attackers to enumerate files, execute Node.js commands, upload data, and manage the infected system remotely. It can also self-terminate if needed.
NTT Security noted that WaterPlum continues to refine StoatWaffle and other malware families to enhance persistence and effectiveness.
Supply Chain Attacks on Open-Source Ecosystem
The campaign overlaps with multiple attacks on open-source platforms:
- Malicious npm packages distributing PylangGhost malware.
- PolinRider campaign injecting obfuscated JavaScript into hundreds of GitHub repositories, ultimately deploying BeaverTail malware.
- Compromise of Neutralinojs GitHub repositories through a contributor account to force-push malicious code, delivering BeaverTail via VS Code or npm packages.
Microsoft highlighted that attackers often gain initial access via staged technical interviews, convincing developers to execute malicious GitHub-hosted commands or packages. Targets are typically approached on LinkedIn, and cryptocurrency industry executives, including founders, CTOs, and senior engineers, are frequently singled out.

Other Malware Families in Use
In addition to StoatWaffle, WaterPlum employs:
- OtterCookie: Backdoor for extensive data theft.
- InvisibleFerret: Python-based backdoor, typically delivered via BeaverTail.
- FlexibleFerret (WeaselStore): Modular backdoor in Go (GolangGhost) and Python (PylangGhost), often deployed as follow-on payloads.
Recent VS Code projects now use GitHub Gist-hosted scripts rather than Vercel domains, reflecting continuous adaptation to evade detection while deploying FlexibleFerret.
Security Mitigations in VS Code
To counter abuse of automatic task execution, Microsoft changed the default of the task.allowAutomaticTasks setting to "off" in the January 2026 update (v1.109) and stopped workspace-level settings from overriding it, so a malicious project can no longer re-enable auto-run tasks for itself. The February 2026 update (v1.110) adds a secondary prompt that warns users when a folder-open task is detected, even if the user has opted back in.
North Korean IT Worker Scheme
This campaign coincides with ongoing social engineering targeting cryptocurrency professionals and developers. The DoJ recently sentenced three individuals for facilitating North Korea’s IT worker scheme, which aimed to generate illicit revenue, steal corporate data, and provide strategic support to North Korean government operations.