GlassWorm Strikes Again: The Relentless Malware Breaching OpenVSX Defenses
Despite new security measures, the GlassWorm malware has returned to OpenVSX, infecting thousands and exposing a global web of compromised developer tools.
Fast Facts
- GlassWorm re-infiltrated OpenVSX with three new malicious Visual Studio Code extensions.
- Over 10,000 downloads before detection; previous campaign reached nearly 36,000 downloads.
- Malware steals credentials and crypto wallet data, using invisible Unicode symbols to hide its code.
- Attackers manage their botnet via the Solana blockchain and use Google Calendar as a backup channel.
- Victims span the US, South America, Europe, Asia, and Middle Eastern government agencies.
Return of a Digital Predator
Imagine a shape-shifting worm slithering through the cracks of a fortress, slipping past newly built walls and leaving a trail of invisible damage. That’s the story unfolding at OpenVSX, a popular open-source marketplace for Visual Studio Code extensions, where the notorious GlassWorm malware has resurfaced with a vengeance.
First detected in October 2025, GlassWorm is no ordinary digital pest. It’s a sophisticated, self-spreading worm designed to steal developer credentials for platforms like GitHub, npm, and OpenVSX itself, as well as plunder cryptocurrency wallet information. Its creators, believed to be Russian-speaking cybercriminals, cloak its malicious JavaScript code using invisible Unicode characters - like writing threats in invisible ink.
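Invisible-Unicode obfuscation works because an editor and a code reviewer render nothing where the hidden code points sit, while a parser or a decoder stage still sees them. The block below is an added illustration written for this page, not code from the article, from Koi Security or from GlassWorm itself: it scans a JavaScript source string for invisible code points, groups adjacent ones into runs with their line and column, and tries to decode each run under an assumed payload encoding (variation selectors mapped to byte values). The list of ranges, that mapping, and the sample extension source are all assumptions constructed here; the article does not say which characters or encoding GlassWorm uses.

```javascript
// Added illustration, not code from the article or from GlassWorm. Scans JavaScript
// source for invisible Unicode code points, groups them into runs, and tries to decode
// each run under an ASSUMED encoding. The ranges below and the variation-selector
// byte mapping are assumptions for illustration only.

const INVISIBLE_RANGES = [
  [0x200b, 0x200f, "zero-width space/joiner, bidi marks"],
  [0x202a, 0x202e, "bidi embedding/override"],
  [0x2060, 0x2064, "word joiner, invisible operators"],
  [0x2066, 0x206f, "bidi isolates, deprecated format characters"],
  [0x3164, 0x3164, "Hangul filler"],
  [0xfe00, 0xfe0f, "variation selectors"],
  [0xfeff, 0xfeff, "byte order mark / zero-width no-break space"],
  [0xe0000, 0xe007f, "tag characters"],
  [0xe0100, 0xe01ef, "variation selectors supplement"],
];

function classify(cp) {
  for (const [lo, hi, label] of INVISIBLE_RANGES) {
    if (cp >= lo && cp <= hi) return label;
  }
  return null;
}

// Walk the source by code point (for..of, not charCodeAt, so astral-plane characters
// are seen whole) and merge adjacent invisible characters into one run per location.
function findInvisibleRuns(source) {
  const runs = [];
  let line = 1, col = 0, current = null;
  for (const ch of source) {
    if (ch === "\n") { line++; col = 0; current = null; continue; }
    col++;
    const label = classify(ch.codePointAt(0));
    if (label === null) {
      current = null;
    } else if (current !== null) {
      current.codePoints.push(ch.codePointAt(0));
      current.labels.add(label);
    } else {
      current = { line, col, codePoints: [ch.codePointAt(0)], labels: new Set([label]) };
      runs.push(current);
    }
  }
  return runs.map(r => ({
    line: r.line, col: r.col, count: r.codePoints.length,
    labels: [...r.labels], codePoints: r.codePoints,
  }));
}

// ASSUMED payload encoding (one publicly described scheme, not necessarily GlassWorm's):
// U+FE00..U+FE0F carry byte values 0..15, U+E0100..U+E01EF carry 16..255.
function decodeVariationSelectorRun(codePoints) {
  const bytes = [];
  for (const cp of codePoints) {
    if (cp >= 0xfe00 && cp <= 0xfe0f) bytes.push(cp - 0xfe00);
    else if (cp >= 0xe0100 && cp <= 0xe01ef) bytes.push(cp - 0xe0100 + 16);
    else return null; // not a pure variation-selector run; nothing to decode
  }
  return new TextDecoder().decode(Uint8Array.from(bytes));
}

// Inverse of the mapping above; used here only to build the constructed sample.
function encodeVariationSelectors(text) {
  return Array.from(new TextEncoder().encode(text),
    b => String.fromCodePoint(b < 16 ? 0xfe00 + b : 0xe0100 + b - 16)).join("");
}

// Constructed sample extension source (not a real extension): a harmless-looking
// module with a hidden payload inside a string literal and a stray zero-width space.
const HIDDEN_PAYLOAD = "require('child_process').exec(cmd)";
const SAMPLE_SOURCE =
  "const version = '1.0.3';\n" +
  "const marker = '" + encodeVariationSelectors(HIDDEN_PAYLOAD) + "';\n" +
  "module.exports = { activate() { return version; } };\u200B\n";

// Runs found in the source, each with the decoded payload or null.
function report(source) {
  return findInvisibleRuns(source).map(r => ({
    ...r, decoded: decodeVariationSelectorRun(r.codePoints),
  }));
}

for (const r of report(SAMPLE_SOURCE)) {
  console.log(`line ${r.line} col ${r.col}: ${r.count} invisible code point(s) ` +
    `[${r.labels.join("; ")}]` +
    (r.decoded !== null ? ` decodes to: ${JSON.stringify(r.decoded)}` : ""));
}
```

A scanner like this belongs in the publishing pipeline and in the reviewer's pre-install check, not only in the editor: a single zero-width character is noise in most code bases, but a long run of variation selectors inside a string literal has no legitimate reason to exist and should block publication until someone explains it.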
How the Attack Unfolded
Earlier this year, GlassWorm’s operators slipped three new infected extensions - ai-driven-dev.ai-driven-dev, history-in-sublime-merge, and transient-emacs - into OpenVSX. Combined, these were downloaded over 10,000 times before researchers at Koi Security raised the alarm. Despite OpenVSX’s efforts to harden its defenses after a prior wave of attacks (which saw 12 infected extensions and tens of thousands of downloads), the worm’s stealthy tactics proved effective once again.
GlassWorm doesn’t just steal credentials; it uses them to spread itself further, infecting any extensions the compromised users have access to. This self-propagating ability makes it especially dangerous, turning victims into unwitting accomplices.
The Global Web and a High-Tech Command Center
Digging deeper, Koi Security - tipped off anonymously - managed to access the attackers’ command server. The findings were alarming: GlassWorm’s victims are scattered across the globe, including government entities in the Middle East. The malware’s command infrastructure is unusually resilient, leveraging the Solana blockchain for botnet control and Google Calendar as a backup communications channel. This multi-layered approach makes GlassWorm hard to kill; if one communication line is cut, another is ready to take its place.
GlassWorm’s operators reportedly use the open-source RedExt framework to orchestrate attacks, a reminder of how public tools can be weaponized. Security firm Aikido recently warned that GlassWorm’s reach now extends to GitHub, signaling a broader campaign against developer ecosystems.
Industry Response and What’s Next
In response, OpenVSX revoked compromised accounts and enhanced security, but the persistent return of GlassWorm exposes the limits of reactive defense. Koi Security has shared critical evidence - including crypto exchange and messenger IDs of the attackers - with law enforcement, and is coordinating with affected organizations to mitigate damage. Still, the true scale of the attack remains uncertain, as download counts may have been artificially inflated by the criminals themselves.
WIKICROOK
- OpenVSX: OpenVSX is an open-source marketplace where users can find, share, and install extensions to enhance their code editors, similar to an app store.
- Malware: Malware is malicious software designed to infiltrate, damage, or steal data from computing devices without the user's consent.
- Unicode Obfuscation: Unicode obfuscation is when attackers use hidden or unusual Unicode characters in code to disguise malware and evade security detection.
- Blockchain Command Channel: A Blockchain Command Channel uses decentralized ledgers, like Solana, to send instructions to malware, making it difficult for authorities to disrupt or block.
- Botnet: A botnet is a network of infected devices remotely controlled by cybercriminals, often used to launch large-scale attacks or steal sensitive data.