North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

North Korean hacking groups are once again proving that their creativity in bypassing security knows no bounds, and the weakest link in the technological ecosystem remains the developer's trust in their own tools. The latest campaign, identified by cybersecurity researchers, targets users of the world's most popular code editor — Microsoft Visual Studio Code (VS Code). Attackers are exploiting a seemingly innocent task automation feature to infect workstations with a new type of malware called StoatWaffle.

The attack mechanism is precisely aimed at a specific professional group and is based on a campaign known as Contagious Interview. Hackers, also operating under the codename WaterPlum, pose as recruiters or colleagues, sending victims programming projects to review or test tasks to complete. What appears to be a standard code repository hides a trap embedded in the development environment's configuration files. The scale of the operation suggests a well-organized structure that has been effectively deploying this new infection tactic since December 2025.

A trap hidden in the tasks.json file

The key to the success of the StoatWaffle campaign is the exploitation of the tasks.json file, which is a standard configuration element in VS Code. Under normal conditions, this file is used by developers to define repetitive tasks, such as compiling code, running unit tests, or linters. The problem arises when using the runOn: folderOpen option, which allows defined commands to be executed automatically immediately after opening the project folder in the editor.

When an unsuspecting developer opens a malicious project, VS Code — provided the user has previously granted "Workspace Trust" to the folder authors — executes the scripts prepared by the hackers. In the case of the WaterPlum campaign, these tasks initiate the download and execution of the StoatWaffle payload directly on the victim's system. This is an extremely dangerous method because it bypasses traditional detection systems based on scanning email attachments, shifting the weight of the attack to the stage of interaction with a work tool that the developer trusts implicitly.

• Target: Developers and software engineers participating in recruitment processes.
• Attack Vector: Malicious Visual Studio Code projects sent as technical tasks.
• Mechanism: Automatic task execution (Auto-Run Tasks) via the tasks.json file.
• Payload: Malware from the StoatWaffle family, enabling remote control over the system.

StoatWaffle and the evolution of the WaterPlum campaign

The StoatWaffle software is not just a simple script, but an advanced backdoor-type tool that allows the WaterPlum group full surveillance of the infected machine. After activation, the malware establishes a connection with a Command and Control (C2) server, from which it can download additional modules, steal credentials, and even serve as a starting point for further penetration of the corporate network. The choice of developers as a target is not accidental — their machines often have high privileges within the IT infrastructure and access to key intellectual property in the form of source code.

The chronology of the North Korean actors' activities is interesting. Since December 2025, we have observed a clear transition from simple social engineering methods to more technically sophisticated "supply chain-like" attacks. The use of specific VS Code features shows that North Korean hackers are deeply analyzing the work processes of Western specialists. Instead of hoping the user will run a suspicious .exe file, they serve them a project that "requires" running in a development environment, which lulls the vigilance of even experienced experts.

It is worth noting the broader context of the Contagious Interview operation. This group has long specialized in creating fake identities on portals such as LinkedIn or GitHub. They build credible recruiter profiles, engage in long-term conversations, and only at a critical moment send the "test task." The novelty is that now the code itself is not the virus, but the configuration of the environment in which that code is to be analyzed. This is a subtle change that drastically increases the effectiveness of the attack.

Security architecture in the era of VS Code threats

In the face of such precise attacks, the traditional approach to security based on VPNs and simple antivirus software is no longer sufficient. The industry must turn toward the ZTNA (Zero Trust Network Access) concept, which assumes that no device or user is safe by default, even if they are inside the corporate network. In the context of developers, it becomes crucial to isolate development environments and limit the lateral movement capabilities of malware across the network after a successful workstation infection.

"A modern approach to security must eliminate lateral movement by directly connecting users to applications, rather than giving them access to entire network segments."

For organizations where developers work, the StoatWaffle campaign should be a wake-up call. It is necessary to implement security policies that enforce the use of the Workspace Trust feature in VS Code and educate employees on the risks associated with task automation in external projects. Every tasks.json file coming from an unknown source should be treated with the same distrust as an executable file from an unknown website.

The need to redefine trust in tools

The success of the WaterPlum group in using VS Code to distribute StoatWaffle exposes a fundamental gap in how we perceive open-source tools and work environments. We have become accustomed to checking dependencies in npm or PyPI, but rarely does anyone look into the .vscode directory for threats. This information asymmetry gives hackers a huge advantage, which they will exploit as long as automation is prioritized over security.

It can be predicted that this technique will become a new standard in the arsenal of APT (Advanced Persistent Threats) groups. Since Visual Studio Code dominates the market, every feature that makes developers' lives easier — like auto-run tasks — will sooner or later be exploited as an attack vector. The only effective defense is to move to a model of full isolation of development processes, where external code is run exclusively in secure containers or virtual machines, devoid of access to sensitive system and network data.