# Malicious Docker Images and Extensions Compromise Checkmarx KICS Repository in Major Supply Chain Attack


Cybersecurity researchers have uncovered a significant supply chain attack targeting the popular Checkmarx KICS (Keeping Infrastructure as Code Secure) project, with unknown threat actors successfully injecting malicious code into official Docker images and VS Code extensions. The attack, detailed in an alert published by Socket, a software supply chain security firm, represents a concerning escalation in threats targeting development infrastructure tools.


## The Breach: What Happened


Security researchers at Socket discovered that unknown threat actors had gained unauthorized access to the official checkmarx/kics Docker Hub repository and managed to overwrite existing tags with compromised versions. The attackers successfully replaced legitimate images for versions v2.1.20 and alpine, while also introducing a new v2.1.21 tag that does not correspond to any official Checkmarx release.


The compromise extended beyond Docker images to include malicious VS Code extensions, suggesting a coordinated, multi-vector supply chain attack designed to maximize exposure across different development environments and workflows. This multi-platform approach indicates sophisticated threat actors with knowledge of how development teams consume these tools.


Timeline of compromise:

  • Existing Docker tags (v2.1.20, alpine) were overwritten with malicious versions
  • A fake v2.1.21 tag was introduced to lure developers into updating
  • VS Code extensions were similarly compromised to reach developers in their primary IDE

    • ## Background and Context: Why KICS Matters


    KICS is a widely-used, open-source static analysis tool designed to find security vulnerabilities and misconfigurations in Infrastructure as Code (IaC) files. It supports dozens of frameworks and file types, including Terraform, CloudFormation, Kubernetes YAML, Docker Compose, and more.


    The significance of this target:


  • Wide adoption: KICS is used by security teams, DevOps engineers, and developers across thousands of organizations
  • Trust dependency: As a security tool, developers implicitly trust its output and integrate it into CI/CD pipelines
  • IaC access: Compromised versions gain access to infrastructure code during analysis—code that often contains sensitive configuration data, credentials, and deployment templates
  • Trusted source: Official Docker images and VS Code extensions carry implicit trust that makes them high-value attack vectors

    • This attack exploits a fundamental supply chain vulnerability: the implicit trust developers place in official repositories and branded tools. Unlike downloading a random package from an untrusted source, developers assume that official Docker Hub repositories and marketplace extensions have been properly secured.


    ## Technical Details: How the Attack Worked


    The attackers demonstrated sophisticated understanding of Docker Hub repository management and marketplace systems:


    Docker Image Compromise:

  • Gained access to Docker Hub repository credentials or push capabilities
  • Overwrote existing version tags rather than creating obviously new ones—a tactic designed to affect existing CI/CD pipelines that pin to specific versions
  • Created a fake v2.1.21 release that doesn't exist in the official repository, targeting developers who automatically update to latest versions
  • The malicious images likely contain embedded backdoors, data exfiltration code, or cryptominers designed to execute during the scanning process

    • VS Code Extension Compromise:

  • Extended the attack to the Visual Studio Code marketplace
  • Compromised extensions could capture credentials, exfiltrate code repositories, or inject malicious behavior directly into the development environment
  • VS Code extensions run with high privilege levels and direct access to the development machine, making them particularly dangerous attack vectors

    • ## Implications for Organizations


    This attack poses serious risks across multiple layers of the software development lifecycle:


    ### Immediate Risks


    | Risk Category | Impact |

    |---------------|--------|

    | Credential Exposure | Malicious code can intercept and steal API keys, cloud credentials, and authentication tokens stored in IaC files |

    | Code Repository Access | Attack can exfiltrate source code, configuration secrets, and deployment logic |

    | CI/CD Pipeline Compromise | Malicious containers execute within CI/CD pipelines, potentially compromising the entire build and deployment process |

    | Development Machine Compromise | VS Code extensions with elevated privileges can establish persistence and lateral movement |

    | Supply Chain Propagation | Infected artifacts can be pushed through the pipeline to production environments |


    ### Who Was Affected


    Any organization using:

  • KICS Docker images from Docker Hub (especially v2.1.20, alpine, or anyone who updated to v2.1.21)
  • KICS extensions in Visual Studio Code
  • Automated security scanning pipelines that pull KICS images

    • ### Attack Surface Scope


    The breadth of potential exposure is significant:

  • Infrastructure as Code: All analyzed IaC configurations could have been exfiltrated
  • Credentials and secrets: Hardcoded API keys, cloud credentials, and database passwords in configuration files
  • Development environment: Any developer machine running the compromised VS Code extension
  • Build infrastructure: CI/CD systems executing the compromised Docker images

    • ## How Checkmarx and Socket Responded


    Socket's detection capabilities identified the compromised images through behavioral analysis and signature detection. Checkmarx has since:


  • Invalidated the compromised image tags and versions
  • Removed malicious content from the repositories
  • Purged affected extensions from the VS Code marketplace
  • Published detailed indicators of compromise (IOCs) for security teams
  • Advised users to immediately pull the latest verified images and review their deployment pipelines

    • ## What Organizations Should Do Now


    ### Immediate Actions (Next 24 Hours)


    1. Audit Docker image usage: Review all Docker Compose files, Kubernetes manifests, and CI/CD configurations for references to checkmarx/kics images

    2. Check VS Code extensions: Verify which extensions are installed on development machines and in team configurations

    3. Review logs: Check container execution logs and VS Code marketplace access for evidence of compromise

    4. Pull latest versions: Update to the latest patched KICS version from Checkmarx's official GitHub releases, not Docker Hub

    5. Scan for IOCs: Run security tools to detect any indicators of compromise on affected systems


    ### Short-term Remediation (This Week)


  • Rotate credentials: Any credentials that may have been exposed through affected pipelines should be rotated
  • Review exfiltrated data: Determine what infrastructure code and configurations may have been accessed
  • Re-scan environments: Run updated KICS versions to ensure current infrastructure configurations
  • Update dependencies: Force all CI/CD pipelines to use verified, patched versions through explicit version pinning
  • Patch development machines: Update VS Code to the latest version and remove any compromised extensions

    • ### Long-term Recommendations


  • Verify source: Always pull KICS from the official GitHub repository releases rather than Docker Hub
  • Container image scanning: Implement automated scanning of all container images before deployment
  • Supply chain verification: Use container image signing and verification to ensure authenticity
  • Dependency monitoring: Subscribe to security advisories for all critical development dependencies
  • Least privilege: Limit the permissions and network access of CI/CD pipelines and containers
  • Credential management: Never embed credentials in IaC files—use dedicated secret management systems

    • ## Broader Implications for Supply Chain Security


    This attack exemplifies why supply chain security must be a primary concern for security teams:


    Key lessons:

  • Official repositories are valuable attack targets because they carry implicit trust
  • Tools with deep pipeline integration (like security scanners and code analysis tools) are particularly dangerous when compromised
  • A single compromised dependency can affect thousands of organizations
  • Development tooling deserves the same security scrutiny as production infrastructure

    • ## Conclusion


    The malicious KICS Docker images and VS Code extensions represent a sophisticated, multi-vector supply chain attack that demonstrates the evolving threat landscape facing development organizations. While Checkmarx and the security community have responded quickly, the incident underscores the need for organizations to implement robust supply chain security practices, including container image verification, dependency monitoring, and immediate incident response capabilities.


    Development teams should treat this as a critical security incident requiring immediate investigation and remediation across all affected systems and pipelines.