
Visual Studio Code (VS Code) users are facing a renewed wave of cyber threats as GlassWorm, a self-propagating malware targeting VS Code extensions, continues to compromise developer machines worldwide. First discovered in the Open VSX marketplace, GlassWorm has resurfaced despite assurances that the threat had been contained. Its persistence highlights the ongoing vulnerability of open-source software ecosystems and the increasing sophistication of modern malware campaigns.
GlassWorm’s Ongoing Attack on Developers
GlassWorm, initially uncovered by Koi Security researchers, has already infected an estimated 35,800 developer machines. Its capabilities echo those of Shai-Hulud, an earlier npm package worm, but with distinct and highly advanced tactics. The malware spreads via the Open VSX Registry, leveraging extensions that appear legitimate while concealing malicious code behind invisible Unicode characters, so the injected logic is present in the file but shows up as nothing in the editor.
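As an added example (not code from the original article, from GlassWorm, or from Koi Security's tooling), the scanner below walks JavaScript source for runs of invisible code points of the kind the article describes. It assumes that "invisible" means Unicode format characters (general category Cf: zero-width joiners, bidi controls, the Tags block U+E0000..U+E007F) plus variation selectors (U+FE00..U+FE0F and U+E0100..U+E01EF). Which code points GlassWorm actually used is not stated on this page; the variation-selector byte encoding implemented here is one widely documented smuggling scheme and is included so the decoder can be exercised on constructed input.

```python
"""Batch scanner for invisible Unicode characters hidden in JavaScript source.

Added example, not GlassWorm's code and not Koi Security's tooling. Assumes
"invisible" = Unicode format characters (category Cf) plus variation selectors.
The byte encoding in encode/decode_variation_selectors is one documented scheme;
the article does not say which encoding GlassWorm used.
"""
import sys
import unicodedata
from dataclasses import dataclass, field

# Ranges flagged on sight (assumed list for this example, not taken from the page).
SUSPICIOUS_RANGES = (
    (0x200B, 0x200F),    # zero-width space, ZWNJ, ZWJ, LRM, RLM
    (0x202A, 0x202E),    # bidi embedding/override controls
    (0x2060, 0x2064),    # word joiner, invisible operators
    (0x2066, 0x2069),    # bidi isolates
    (0xFE00, 0xFE0F),    # variation selectors VS1..VS16
    (0xFEFF, 0xFEFF),    # BOM / zero-width no-break space
    (0xE0000, 0xE007F),  # Tags block
    (0xE0100, 0xE01EF),  # Variation Selectors Supplement VS17..VS256
)


@dataclass
class Finding:
    line: int              # 1-based line number
    col: int               # 1-based column (in code points) where the run starts
    codepoints: list = field(default_factory=list)

    @property
    def length(self):
        return len(self.codepoints)


def is_invisible(ch):
    cp = ord(ch)
    if any(lo <= cp <= hi for lo, hi in SUSPICIOUS_RANGES):
        return True
    return unicodedata.category(ch) == "Cf"


def scan_source(text):
    """Return every run of consecutive invisible code points in text."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        current = None
        for col, ch in enumerate(line, start=1):
            if is_invisible(ch):
                if current is None:
                    current = Finding(lineno, col)
                    findings.append(current)
                current.codepoints.append(ord(ch))
            else:
                current = None
    return findings


def has_hidden_payload(text, min_run=8):
    """A lone ZWJ inside an emoji string is normal; a long run is a carrier for data."""
    return any(f.length >= min_run for f in scan_source(text))


def encode_variation_selectors(data):
    """Encode bytes as variation selectors: 0..15 -> U+FE00.., 16..255 -> U+E0100.."""
    return "".join(chr(0xFE00 + b) if b < 16 else chr(0xE0100 + b - 16) for b in data)


def decode_variation_selectors(codepoints):
    """Inverse of encode_variation_selectors; non-selector code points are skipped."""
    out = bytearray()
    for cp in codepoints:
        if 0xFE00 <= cp <= 0xFE0F:
            out.append(cp - 0xFE00)
        elif 0xE0100 <= cp <= 0xE01EF:
            out.append(cp - 0xE0100 + 16)
    return bytes(out)


# Constructed sample: a harmless-looking line with bytes smuggled after the ';',
# followed by a legitimate zero-width joiner inside an emoji string literal.
SAMPLE_JS = (
    "const x = 1;" + encode_variation_selectors(b"hidden payload") + "\n"
    "const family = '\U0001F468\u200D\U0001F469';\n"
)


def scan_files(paths):
    """Scan files on disk (e.g. the .js files under ~/.vscode/extensions)."""
    hits = {}
    for path in paths:
        with open(path, encoding="utf-8", errors="replace") as fh:
            findings = scan_source(fh.read())
        if findings:
            hits[path] = findings
    return hits


if __name__ == "__main__":
    targets = sys.argv[1:]
    if not targets:
        for f in scan_source(SAMPLE_JS):
            print(f"sample line {f.line} col {f.col}: {f.length} invisible code points ->",
                  decode_variation_selectors(f.codepoints))
    else:
        for path, findings in scan_files(targets).items():
            for f in findings:
                print(f"{path}:{f.line}:{f.col}: run of {f.length} invisible code points")
```

Run it with no arguments to see the constructed sample decoded, or pass the .js files of installed extensions as arguments. VS Code's own editor.unicodeHighlight.invisibleCharacters setting highlights many of these characters, but only in files you actually open; extension code that runs on activation is rarely opened, which is why a batch scan of the extensions directory is worth doing. Short runs (a single ZWJ in an emoji) are reported but do not trip has_hidden_payload; tune min_run for your codebase.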
Despite the Eclipse Foundation’s announcement claiming the incident was fully contained, new infections have been discovered. Koi Security reported three newly compromised VS Code extensions and ongoing command-and-control (C2) activity via Solana blockchain transactions. Victims span North and South America, Europe, and Asia, and include critical entities such as government organizations.
GlassWorm has also demonstrated the ability to spread beyond Open VSX. Reports indicate the worm is infiltrating GitHub repositories, hiding malicious payloads behind AI-generated commits to evade detection. Newly identified infected extensions include “ai-driven-dev.ai-driven-dev,” “adhamu.history-in-sublime-merge,” and “yasuyuky.transient-emacs,” adding approximately 10,000 more compromised machines to the tally. Alarmingly, the attack infrastructure remains operational, still distributing payloads and harvesting credentials.
The exposed attacker infrastructure allowed Koi Security to identify victims and track the scope of the campaign. While initial data extraction only provided a partial snapshot, it’s evident that GlassWorm’s reach is extensive. Researchers suspect the real number of compromised devices is far higher than currently documented. The campaign has been linked to Russian-speaking actors and continues to challenge law enforcement and cybersecurity teams worldwide.
The Rising Threat to Open Source Supply Chains
GlassWorm underscores the vulnerabilities inherent in open-source ecosystems, where developers often trust extensions without fully vetting their origin. Supply chain attacks like this exploit the collaborative nature of development platforms, spreading malware through legitimate-looking packages that are widely used. The risk is compounded by GlassWorm’s ability to hide code invisibly, use decentralized C2 networks, and automate propagation through AI-assisted commits.
Developers and organizations are increasingly at risk as malware evolves beyond traditional vectors. GlassWorm demonstrates that modern worms can transform a developer’s machine into a launchpad for further attacks, targeting both individual users and organizational infrastructure. Coordinated responses with law enforcement are underway, but the resilience of the attacker infrastructure suggests that proactive security measures, such as code auditing, credential isolation, and continuous monitoring, are more critical than ever.
What Undercode Says:
GlassWorm represents a significant evolution in supply chain malware. Unlike traditional malware, which relies on manual interaction or simple exploitation, GlassWorm is largely self-propagating and automated. Its use of invisible Unicode characters is an ingenious method to evade detection within code editors, demonstrating an attacker’s deep understanding of developer workflows.
The combination of Solana blockchain and Google Calendar for C2 functions signals a shift towards using decentralized and unconventional channels, making takedown operations more complex. Blockchain-based C2 allows attackers to maintain persistence and resist centralized intervention, while leveraging a public service like Google Calendar adds redundancy in a manner that blends into normal traffic.
Credential harvesting remains the cornerstone of GlassWorm’s strategy. By targeting developer accounts and wallets, attackers gain access to highly valuable resources. This not only allows propagation across repositories and extensions but also facilitates the creation of a decentralized botnet for remote control and further attacks. The AI-assisted commits demonstrate a level of operational sophistication designed to exploit trust and automation in modern software development pipelines.
From a broader perspective, GlassWorm highlights the critical need for enhanced supply chain security. Traditional antivirus solutions and endpoint protections are insufficient against invisible, automated, and decentralized threats. Organizations must adopt layered defenses, including code integrity verification, behavioral analysis, and rapid incident response protocols. Moreover, developers themselves must be educated on the risks of unverified extensions, the importance of credential hygiene, and the necessity of multi-factor authentication in both personal and organizational accounts.
The malware also raises questions about accountability within open-source ecosystems. While platforms like Open VSX and GitHub provide incredible opportunities for collaboration, they also introduce systemic vulnerabilities. The speed at which GlassWorm propagated across multiple platforms reflects weaknesses in vetting processes, access controls, and monitoring of developer contributions.
GlassWorm’s persistence is a reminder that cybersecurity is a dynamic battlefield. Attackers are learning to operate invisibly, automate operations, and exploit decentralized networks to their advantage. What started as a single malware targeting a niche developer marketplace now represents a global supply chain threat with implications for critical infrastructure.
This incident should catalyze a reevaluation of open-source security policies. Developers, organizations, and platform maintainers must collaborate on proactive detection, real-time threat intelligence sharing, and robust containment strategies. Without such efforts, self-propagating malware like GlassWorm could become the norm, undermining trust in open-source development and compromising global cybersecurity.
Fact Checker Results:
✅ GlassWorm is a self-propagating malware targeting VS Code extensions.
✅ The malware spreads via Open VSX and has infected tens of thousands of developer machines worldwide.
✅ GlassWorm uses blockchain and unconventional C2 methods, including Google Calendar, to maintain persistence.
Prediction:
📊 The GlassWorm threat is likely to evolve further, leveraging more decentralized platforms for C2 and exploiting AI to hide in code commits. Developers can expect more sophisticated supply chain attacks targeting both open-source repositories and organizational systems. Global collaboration in cybersecurity and real-time monitoring will become essential to mitigate similar malware in the future.
References:
Reported By: www.darkreading.com