I just started experimenting with the .NET framework and I noticed that when I run:
dotnet list packagein the JavaScript Debug Terminal of VS Code I get all my packages as I should but they have strange Links attached to some of them that lead to scam sites.
ex:
> Windows.EntityFrameworkCore.SQlite --> ww1 .entityframework.com which is a shitty site pretending to be .NET hiring developers.
....
enter image description here
I tried running anti virus scans and cleanups. Nothing detected.
I tested on PowerShell, GitBash and Cmd terminals. Nothing, only happens in the JavaScript Debug Terminal
I tried disabling all my VS Code extensions (including the built-in ones) except the JavaScript debugger to see if its coming form another extension. Still there.
I have heard of extension vulnerabilities and VS Code Hacks but this is a built-in plugin.
Has this happened to anyone?
VSCode is configured to attempt to parse strings from any output that could represent a valid URL and present the option to you as a clickable link for convenience.
Since .tools is a valid TLD, it thinks the string Microsoft.EntityFrameworkCore.Tools is referencing the URL http://microsoft.entityframeworkcore.tools/ which it seems has been parked by an unscrupulous individual or organization. You as the developer should understand that this is a namespace reference and not a URL, and thus there is no value in clicking it.
This is not indicative of any sort of malware or any real malfeasance.
