PANews reported on October 3 that encryption researcher @LehmannLorenz said on the X platform that his computer was almost hacked after a malicious extension was installed with just one click. The developer behind the extension is unverified, but the extension received 1.7 million downloads (more than any other extension) and a perfect 5/5 star rating within one day of its release. After he downloaded the malicious extension and extracted its contents, everything looked normal except for the obfuscated "extension.js" file that runs during installation. The log file shows that the script eventually fails. The attack relies on PowerShell execution, running entirely in memory and leaving no traces on disk.
In this regard, SlowMist Yuxian said that this is a supply chain attack on Solidity smart contract developers. The editor environment is a high-risk area for supply chain attacks. I have always tried to isolate what can be used in isolation, and try not to install what can be installed, to ensure the principle of "enough is enough". All the fancy things are thrown into independent computers or virtual machines.