Ravie Lakshmanan | Feb 02, 2026 | Developer Tools / Malware
Cybersecurity researchers have disclosed details of a supply chain attack targeting the Open VSX Registry in which unidentified threat actors compromised a legitimate developer's resources to push malicious updates to downstream users.
"On January 30, 2026, four established Open VSX extensions published by the oorzc publisher had malicious versions published to Open VSX that embed the GlassWorm malware loader," Socket security researcher Kirill Boychenko said in a Saturday report.
"These extensions had previously been presented as legitimate developer utilities (some first published more than two years ago) and collectively accumulated over 22,000 Open VSX downloads prior to the malicious releases."
The supply chain security company said that the attack involved the compromise of the developer's publishing credentials, with the Open VSX security team assessing the incident as involving the use of either a leaked token or other unauthorized access. The malicious versions have since been removed from Open VSX.
The list of identified extensions is below –
FTP/SFTP/SSH Sync Tool (oorzc.ssh-tools — version 0.5.1)
I18n Tools (oorzc.i18n-tools-plus — version 1.6.8)
vscode mindmap (oorzc.mind-map — version 1.0.61)
scss to css (oorzc.scss-to-css-compile — version 1.3.4)
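As an added example (not code from the Socket report or from the article), a small Python check that flags the four listed extension versions, either in a `code --list-extensions --show-versions` style listing or in on-disk extension folders; the folder paths and the sample listing in the test are assumptions, and any other version of the same extensions is flagged for review because the publishing account itself was compromised.

```python
import json
from pathlib import Path

# Extension IDs and versions named in the Socket report quoted above.
COMPROMISED_VERSIONS = {
    "oorzc.ssh-tools": "0.5.1",
    "oorzc.i18n-tools-plus": "1.6.8",
    "oorzc.mind-map": "1.0.61",
    "oorzc.scss-to-css-compile": "1.3.4",
}

def classify(extension_id, version):
    # 'compromised' for a listed version; 'review' for any other version of the
    # same extension, since the publisher account itself was compromised.
    known = COMPROMISED_VERSIONS.get(extension_id.lower())
    if known is None:
        return None
    return "compromised" if version == known else "review"

def check_listing(lines):
    # Input: 'publisher.name@version' lines as printed by `code --list-extensions --show-versions`.
    findings = []
    for line in lines:
        ext_id, sep, version = line.strip().rpartition("@")
        verdict = classify(ext_id, version) if sep else None
        if verdict:
            findings.append((ext_id, version, verdict))
    return findings

def check_extension_dirs(*roots):
    # Scan on-disk extension folders (assumed locations, e.g. ~/.vscode/extensions
    # or ~/.vscode-oss/extensions) by reading each extension's package.json.
    findings = []
    for root in roots:
        root = Path(root).expanduser()
        for pkg in (root.glob("*/package.json") if root.is_dir() else []):
            try:
                meta = json.loads(pkg.read_text(encoding="utf-8"))
            except (OSError, ValueError):
                continue  # unreadable or not a JSON manifest; skip it
            ext_id = f"{meta.get('publisher', '')}.{meta.get('name', '')}"
            version = str(meta.get("version", ""))
            verdict = classify(ext_id, version)
            if verdict:
                findings.append((ext_id, version, verdict))
    return findings

if __name__ == "__main__":
    for ext_id, version, verdict in check_extension_dirs("~/.vscode/extensions", "~/.vscode-oss/extensions"):
        print(f"{verdict}: {ext_id}@{version}")
```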
The poisoned versions, Socket noted, are designed to deliver a loader malware associated with a known campaign called GlassWorm. The loader is equipped to decrypt and run embedded code at runtime, uses an increasingly weaponized technique called EtherHiding to fetch command-and-control (C2) endpoints, and ultimately runs code designed to steal Apple macOS credentials and cryptocurrency wallet data.
At the same time, the malware is detonated only after the compromised machine has been profiled and determined not to use a Russian locale, a pattern commonly observed in malicious programs originating from or affiliated with Russian-speaking threat actors seeking to avoid domestic prosecution.
The types of data harvested by the malware include –
Data from Mozilla Firefox and Chromium-based browsers (logins, cookies, web history, and wallet extensions like MetaMask)
Cryptocurrency wallet data (Electrum, Exodus, Atomic, Ledger Live, Trezor Suite, Binance, and TonKeeper)
iCloud Keychain database
Safari cookies
Data from Apple Notes
User documents from the Desktop, Documents, and Downloads folders
FortiClient VPN configuration data
Developer credentials (e.g., ~/.aws and ~/.ssh)
The targeting of developer information poses severe risks, as it exposes enterprise environments to potential cloud account compromise and lateral movement attacks.
"The payload includes routines to locate and extract authentication material used in common workflows, including inspecting npm configuration for _authToken and referencing GitHub authentication artifacts, which could provide access to private repositories, CI secrets, and release automation," Boychenko said.
A significant aspect of the attack is that it diverges from previously observed GlassWorm indicators in that it uses a compromised account belonging to a legitimate developer to distribute the malware. In prior instances, the threat actors behind the campaign have leveraged typosquatting and brandjacking to upload fraudulent extensions for subsequent propagation.
"The threat actor blends into normal developer workflows, hides execution behind encrypted, runtime-decrypted loaders, and uses Solana memos as a dynamic dead drop to rotate staging infrastructure without republishing extensions," Socket said. "These design choices reduce the value of static indicators and shift defender advantage toward behavioral detection and rapid response."
