GlassWorm self-propagating malware hits the streets

GlassWorm, a highly sophisticated self-propagating malware campaign targeting Visual Studio Code developers via the OpenVSX marketplace, has been discovered by Koi Security. The worm steals credentials from NPM, GitHub, and Git, drains cryptocurrency wallet extensions, deploys hidden VNC and SOCKS proxies, and spreads through compromised extensions using the stolen credentials. Notably, GlassWorm hides its payload with invisible Unicode variation selectors, rendering it invisible to human reviewers and to many static analysis tools. Its command-and-control leverages the Solana blockchain for persistence and anonymity, with Google Calendar as backup infrastructure. Over 35,800 installations have been affected, with at least 10 extensions still active as of this weekend.
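The invisible-Unicode trick is worth understanding from the defender's side: variation selectors (U+FE00 to U+FE0F and U+E0100 to U+E01EF) are legitimate code points that render as nothing, so a long run of them in a source file is a reviewer's blind spot. The scanner below is an added example written for this post; it is not code from The IT Nerd, from Koi Security, or from any GlassWorm sample, and it does not decode any payload. It simply counts invisible code points in a JavaScript/TypeScript source string, reports runs longer than an assumed threshold (`minRun`, a tunable assumption), and shows the gap between what a reviewer sees and what the file actually contains. The sample source it scans is constructed inline.

```javascript
// Added example: flag runs of invisible Unicode code points in extension
// source so a reviewer or a CI check notices hidden content. Ranges and the
// run threshold are this example's assumptions, not values from the campaign.

const INVISIBLE_RANGES = [
  [0xfe00, 0xfe0f, 'variation selector (VS1-VS16)'],
  [0xe0100, 0xe01ef, 'variation selector supplement (VS17-VS256)'],
  [0x200b, 0x200d, 'zero-width space/non-joiner/joiner'],
  [0x2060, 0x2064, 'word joiner / invisible operator'],
  [0xfeff, 0xfeff, 'byte order mark'],
];

// Return a label if the code point is in one of the invisible ranges, else null.
function classify(cp) {
  for (const [lo, hi, label] of INVISIBLE_RANGES) {
    if (cp >= lo && cp <= hi) return label;
  }
  return null;
}

// Scan a source string by code point (not UTF-16 unit) and report invisible
// characters. A run of >= minRun consecutive invisible code points is flagged;
// a single VS16 after an emoji in a comment is normal and is not flagged.
function scanForInvisibleUnicode(source, { minRun = 8 } = {}) {
  const counts = {};
  const runs = [];
  let run = null;
  let index = 0; // code-point index into the source
  let line = 1;
  for (const ch of source) {
    const cp = ch.codePointAt(0);
    const label = classify(cp);
    if (label) {
      counts[label] = (counts[label] || 0) + 1;
      if (run) run.length++;
      else run = { line, start: index, length: 1 };
    } else {
      if (run) {
        if (run.length >= minRun) runs.push(run);
        run = null;
      }
      if (ch === '\n') line++;
    }
    index++;
  }
  if (run && run.length >= minRun) runs.push(run);
  const total = Object.values(counts).reduce((a, b) => a + b, 0);
  return { total, counts, runs, suspicious: runs.length > 0 };
}

// What a human reviewer effectively sees: the same source with invisible
// code points removed. Comparing code-point lengths exposes hidden content.
function stripInvisible(source) {
  let out = '';
  for (const ch of source) {
    if (classify(ch.codePointAt(0)) === null) out += ch;
  }
  return out;
}

function codePointLength(s) {
  return [...s].length;
}

// Constructed sample: a harmless-looking file whose second line carries a run
// of twelve supplementary variation selectors hidden after a comment.
const HIDDEN_RUN = Array.from({ length: 12 }, (_, i) =>
  String.fromCodePoint(0xe0100 + i)).join('');
const SAMPLE_SOURCE = [
  "const greeting = 'hello';",
  '// helper ' + HIDDEN_RUN,
  'module.exports = { greeting };',
].join('\n');

function demo() {
  const report = scanForInvisibleUnicode(SAMPLE_SOURCE);
  const hiddenCodePoints =
    codePointLength(SAMPLE_SOURCE) - codePointLength(stripInvisible(SAMPLE_SOURCE));
  return { report, hiddenCodePoints };
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(JSON.stringify(demo(), null, 2));
}
```

Run as a pre-commit or CI step over every `.js`/`.ts` file in an extension package, the check turns "invisible to human reviewers" into a hard failure: a clean file yields `suspicious: false`, while the constructed sample reports one run of twelve invisible code points on line 2 and a twelve-code-point gap between the visible and actual source. Tune `minRun` upward if a codebase legitimately uses many emoji-with-VS16 sequences in comments.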

Dale Hoak, CISO, RegScale had this comment:

     “The GlassWorm campaign underscores the growing compliance and regulatory risks inherent in today’s open-source and developer ecosystems. Software supply chain attacks no longer target only the end product—they exploit the very tools and dependencies developers trust most. Organizations must move beyond periodic control reviews and adopt continuous monitoring and automation across their build pipelines to detect drift, compromise, or unauthorized changes in real time. Compliance controls governing software supply chain integrity should be codified and enforced as part of the CI/CD process, ensuring that when vulnerabilities like this surface, evidence of continuous validation, provenance tracking, and rapid remediation is already embedded in the operational fabric. This event is another reminder that compliance cannot be static documentation—it must be a living control system that evolves with every dependency update and build cycle.”

Will Baxter, Field CISO, Team Cymru follows with this:

      “The GlassWorm campaign marks a fundamental shift in the developer-ecosystem threat model: a self-propagating worm hidden inside VS Code extensions that leverages invisible Unicode, blockchain-based C2 (Solana) and legitimate infrastructure (Google Calendar) to resist coordinated takedown. By harvesting NPM, GitHub and OpenVSX tokens, hijacking crypto-wallet extensions and converting developer machines into SOCKS proxies and hidden VNC nodes, the attackers move far beyond standard supply-chain compromises. This isn’t just a supply-chain problem—it’s a new infrastructure layer merging cyber-crime tooling, blockchain resilience and developer-tooling pivoting. Intelligence sharing between registry operators, threat researchers and blockchain-monitoring partners must work together if we’re to see these hybrid attacks flagged and disrupted before developer systems become massive proxy networks.”

Gunter Ollmann, CTO, Cobalt adds this:

     “This campaign underscores how adversaries are evolving their tradecraft to weaponize the software supply chain at its roots. Developers have become high-value targets because compromising their toolchains can cascade across entire ecosystems. The use of blockchain and invisible Unicode payloads shows how detection and takedown are becoming increasingly difficult and require coordination across a growing number of stakeholders. Botnets and bot agents like GlassWorm are precisely the kind of technologies leveraged by state actors in preparation for cyberwarfare, where persistence and resilience to disruption are core tactical advantages. Frequent testing of defenses, SOC playbooks, and offensive security readiness is essential to expose weaknesses before attackers do.”

Even in a moment in time where there’s a new campaign every week from the forces of evil, this one is pretty bad. I am hoping that the result of this campaign is not as devastating as I think it will be. Though I will not be shocked if it is.
