T1219.001 IDE Tunneling in MITRE ATT&CK Explained
| March 18, 2026
What Is T1219.001 IDE Tunneling in MITRE ATT&CK?
T1219.001 IDE Tunneling is a sub-technique of Remote Access Tools (T1219) in the MITRE ATT&CK framework, used by adversaries to create a secure, encapsulated communications channel into a compromised system by exploiting the features of an Integrated Development Environment (IDE). IDEs are commonly used by developers for remote coding and debugging, but adversaries can abuse them to establish covert access.
IDE Tunneling combines tools such as SSH, port forwarding, file sharing, and debugging into a single, encrypted tunnel. This allows attackers to interact with a system as if they were physically present, often blending with legitimate developer activities. By using this method, adversaries can avoid detection by security systems that focus on more traditional remote access techniques or malicious traffic.
To read about other sub-techniques of the T1219 Remote Access Tools technique, you can visit the related hub blog.
Adversary Use of T1219.001 IDE Tunneling
Adversaries use T1219.001 IDE Tunneling to establish secure, undetected access to compromised systems by exploiting developer tools that are often trusted and overlooked by traditional security measures. By leveraging the features of IDEs, attackers can create tunnels that mimic normal developer workflows, blending in with legitimate development and debugging activities.
Common malicious uses include:
- Escalating Privileges: Attackers can use IDE Tunneling to gain elevated privileges by interacting with remote systems through trusted development interfaces.
- Exfiltrating Data: Through tunneling, adversaries can exfiltrate sensitive data by utilizing secure file-sharing features in IDEs, all while avoiding traditional network detection systems.
- Maintaining Persistence: By combining remote access with port forwarding and file-sharing, attackers ensure that they can maintain long-term, covert access to compromised systems without detection.
- Evading Security Monitoring: Since IDE Tunneling mimics legitimate development activity, adversaries can bypass standard security controls and monitoring systems that are not configured to detect developer tools being misused for malicious purposes.
In essence, IDE Tunneling allows adversaries to operate stealthily within a network, blending into normal development workflows while maintaining secure, persistent access to compromised environments.
Procedure Examples Used by Adversaries in Red Report 2026
The T1219.001 IDE Tunneling technique was introduced by MITRE ATT&CK in March 2025. One active use of this technique was documented in a China-based attack campaign [1].
The adversaries obtained Visual Studio Code (either portable or pre-installed) on compromised systems and executed code.exe tunnel to initiate the Remote Tunneling feature. This command caused the VS Code client to establish an outbound HTTPS connection to Microsoft's tunnel relay infrastructure and generate an authentication URL.
The adversaries navigated to this URL and authenticated using their own controlled GitHub account credentials. This OAuth flow bound the tunnel session to the adversaries' identity rather than any legitimate organizational account, registering the compromised machine as an accessible endpoint in their tunnel registry.
Connection Architecture
Once authenticated, Microsoft's cloud infrastructure acted as a relay broker between the adversaries' client (accessed through vscode.dev in a browser) and the compromised host. The victim machine maintained a persistent outbound WebSocket connection to Microsoft's Azure-hosted relay servers. When the adversaries connected using their authenticated session, the relay forwarded encrypted traffic bidirectionally without requiring inbound connections on the compromised system.
This created a reverse proxy architecture where all communication traversed Microsoft's trusted infrastructure using standard HTTPS on port 443, bypassing firewall egress filtering and appearing as legitimate developer traffic.
Operational Capabilities
The tunnel provided the adversaries with a browser-based VS Code environment connected directly to the compromised system. Through the integrated terminal, they executed reconnaissance commands, deployed additional malware payloads, and created password-protected RAR archives for data exfiltration. The file system explorer enabled direct file manipulation, while the terminal sessions ran with the same privileges as the code.exe process.
Persistence Mechanism
To maintain access across reboots, the adversaries created a Windows scheduled task that executed startcode.bat at system startup. This helper script launched code.exe tunnel with flags like --accept-server-license-terms and --name to automatically re-establish the tunnel connection without user interaction. The scheduled task ensured the outbound connection to Microsoft's relay servers persisted independently of user sessions.
Evasion Characteristics
The technique evaded detection because code.exe is a legitimate Microsoft-signed executable, all network traffic was encrypted HTTPS to trusted Microsoft Azure domains, and no adversary-controlled infrastructure was required. The process tree in Cortex XDR showed code.exe as the parent of terminal sessions executing commands and tools, but the legitimate process signature prevented application whitelisting blocks and reduced endpoint detection alerting.
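The procedure above (scheduled task, startcode.bat, code.exe tunnel, and terminal sessions parented by code.exe) leaves a recognisable process-tree shape. The following Python is an added illustration, not code from the page or from the Unit 42 report: it flags code.exe launched with the tunnel subcommand, a tunnel started under the Task Scheduler service host, and shells descended from a tunnel-mode code.exe, while leaving an ordinary developer's integrated terminal alone. The events are constructed Sysmon-style records, and the field names, paths, PIDs and hostname WKS-01 are assumptions.

```python
import ntpath
import shlex
# Constructed sample process-creation events (Sysmon Event ID 1 style fields);
# illustrative only, not telemetry from the cited Unit 42 report.
EVENTS = [
    {"pid": 4120, "ppid": 880, "image": r"C:\Windows\System32\svchost.exe",
     "cmd": "svchost.exe -k netsvcs -p -s Schedule"},
    {"pid": 5008, "ppid": 4120, "image": r"C:\Windows\System32\cmd.exe",
     "cmd": r"cmd.exe /c C:\Users\Public\startcode.bat"},
    {"pid": 5120, "ppid": 5008, "image": r"C:\Users\Public\code\code.exe",
     "cmd": "code.exe tunnel --accept-server-license-terms --name WKS-01"},
    {"pid": 5300, "ppid": 5120, "image": r"C:\Windows\System32\cmd.exe",
     "cmd": "cmd.exe /c whoami /all"},
    # Benign: a developer's interactive VS Code with an integrated terminal.
    {"pid": 6000, "ppid": 1200, "image": r"C:\Program Files\Microsoft VS Code\Code.exe",
     "cmd": r'"C:\Program Files\Microsoft VS Code\Code.exe" C:\src\project'},
    {"pid": 6010, "ppid": 6000, "image": r"C:\Windows\System32\cmd.exe", "cmd": "cmd.exe"},
]
SHELLS = {"cmd.exe", "powershell.exe", "pwsh.exe"}

def basename(path):
    return ntpath.basename(path).lower()

def is_tunnel_launch(ev):
    """True when code.exe is run with 'tunnel' as its first argument."""
    if basename(ev["image"]) != "code.exe":
        return False
    args = shlex.split(ev["cmd"], posix=False)  # keeps quoted Windows paths intact
    return len(args) > 1 and args[1].lower() == "tunnel"

def ancestors(ev, by_pid):
    """Yield parent events by following ppid; stop on a missing parent or a cycle."""
    seen = set()
    while ev["ppid"] in by_pid and ev["ppid"] not in seen:
        seen.add(ev["ppid"])
        ev = by_pid[ev["ppid"]]
        yield ev

def detect(events):
    by_pid = {ev["pid"]: ev for ev in events}
    findings = []
    for ev in events:
        if is_tunnel_launch(ev):
            findings.append((ev["pid"], "vscode_tunnel_start"))
            # Tunnel started under the Task Scheduler service host: persistence pattern.
            if any(basename(a["image"]) == "svchost.exe" and "schedule" in a["cmd"].lower()
                   for a in ancestors(ev, by_pid)):
                findings.append((ev["pid"], "tunnel_from_scheduled_task"))
        elif basename(ev["image"]) in SHELLS and any(is_tunnel_launch(a) for a in ancestors(ev, by_pid)):
            # A shell below a tunnel-mode code.exe; ordinary editor terminals do not match.
            findings.append((ev["pid"], "shell_under_vscode_tunnel"))
    return findings
```

Because the signed code.exe binary and the HTTPS relay traffic look legitimate, the tunnel subcommand and the parent chain are the durable signals; a full-path launch such as `"C:\Program Files\Microsoft VS Code\Code.exe" tunnel` is caught the same way.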
Reference
[1] T. Fakterman, "Chinese APT Abuses VSCode to Target Government in Asia," Unit 42, Sep. 6, 2024. Available: https://unit42.paloaltonetworks.com/stately-taurus-abuses-vscode-southeast-asian-espionage/. [Accessed: Dec. 18, 2025].
