Dec 02, 2025Ravie LakshmananMalware / Blockchain
The provision chain marketing campaign often called GlassWorm has as soon as once more reared its head, infiltrating each Microsoft Visible Studio Market and Open VSX with 24 extensions impersonating common developer instruments and frameworks like Flutter, React, Tailwind, Vim, and Vue.
GlassWorm was first documented in October 2025, detailing its use of the Solana blockchain for command-and-control (C2) and harvest npm, Open VSX, GitHub, and Git credentials, drain cryptocurrency belongings from dozens of wallets, and switch developer machines into attacker-controlled nodes for different felony actions.
Essentially the most essential facet of the marketing campaign is the abuse of the stolen credentials to compromise further packages and extensions, thereby spreading the malware like a worm. Regardless of continued efforts of Microsoft and Open VSX, the malware resurfaced a second time final month, and the attackers have been noticed concentrating on GitHub repositories.
The most recent wave of the GlassWorm marketing campaign, noticed by Safe Annex’s John Tuckner, entails a complete of 24 extensions spanning each repositories. The checklist of recognized extensions is beneath –
VS Code Market:
iconkieftwo.icon-theme-materiall
prisma-inc.prisma-studio-assistance (eliminated as of December 1, 2025)
prettier-vsc.vsce-prettier
flutcode.flutter-extension
csvmech.csvrainbow
codevsce.codelddb-vscode
saoudrizvsce.claude-devsce
clangdcode.clangd-vsce
cweijamysq.sync-settings-vscode
bphpburnsus.iconesvscode
klustfix.kluster-code-verify
vims-vsce.vscode-vim
yamlcode.yaml-vscode-extension
solblanco.svetle-vsce
vsceue.volar-vscode
redmat.vscode-quarkus-pro
msjsdreact.react-native-vsce
Open VSX:
bphpburn.icons-vscode
tailwind-nuxt.tailwindcss-for-react
flutcode.flutter-extension
yamlcode.yaml-vscode-extension
saoudrizvsce.claude-dev
saoudrizvsce.claude-devsce
vitalik.solidity
The attackers have been discovered to artificially inflate the obtain counts to make the extensions seem reliable and trigger them to prominently seem in search outcomes, typically in shut proximity to the precise tasks they impersonate to deceive builders into putting in them.
“As soon as the extension has been authorized initially, the attacker appears to simply be capable of replace code with a brand new malicious model and simply evade filters,” Tuckner stated. “Many code extensions start with an ‘activate’ context, and the malicious code is slipped in proper after the activation happens.”
The brand new iteration, whereas nonetheless counting on the invisible Unicode trick, is characterised by means of Rust-based implants which are packaged contained in the extensions. In an evaluation of the “icon-theme-materiall” extension, Nextron Methods stated it comes with two Rust implants which are able to concentrating on Home windows and macOS methods –
A Home windows DLL named os.node
A macOS dynamic library named darwin.node
As noticed within the earlier GlassWorm infections, the implants are designed to fetch particulars of the C2 server from a Solana blockchain pockets deal with and use it to obtain the next-stage payload, an encrypted JavaScript file. As a backup, they will parse a Google Calendar occasion to fetch the C2 deal with.
“Not often does an attacker publish 20+ malicious extensions throughout each of the preferred marketplaces in per week,” Tuckner stated in a press release. “Many builders might simply be fooled by these extensions and are only one click on away from compromise.”
