The Invisible Worm: GlassWorm Spreads Via VS Code Extensions and Blockchain C2
Hackers have unleashed a new self-propagating malware dubbed GlassWorm, which first infiltrated the Visual Studio Code extension ecosystem via the OpenVSX marketplace. Researchers at Koi Security found that the worm conceals malicious code using invisible Unicode characters embedded in source files, rendering the payload imperceptible inside the editor. This stealthy concealment is the attack’s hallmark: conventional code reviews and static analysis tools fail to detect the injection because it appears as nothing more than blank space.
GlassWorm couples these invisible fragments with a three-tiered command-and-control infrastructure. The primary channel is anchored on the Solana blockchain, where adversaries abuse the memo field of transactions to carry encrypted pointers to subsequent payload stages. This approach renders the C2 channel effectively indelible—the blockchain’s immutability prevents takedown, while wallets retain anonymity. The secondary tier connects directly to the IP address 217.69.3.218, and a fallback mechanism stores an encrypted link to a file named “zombi_payload” inside a Google Calendar event. Together, these channels create a communication fabric that is both distributed and extraordinarily resistant to disruption.
Once decoded, the payload revealed that GlassWorm is far more than a skimming script: it is a full-blown remote access trojan. The malware hunts for NPM, GitHub, OpenVSX, and Git tokens, as well as credentials for 49 cryptocurrency wallets, including MetaMask, Phantom, and Coinbase Wallet. It then activates a module called ZOMBI, which converts infected hosts into proxy nodes for the criminal network. Compromised machines deploy SOCKS servers, clandestine VNC sessions, and WebRTC modules, enabling attackers to control systems via peer-to-peer links and sidestep conventional firewall barriers.
Infected developers’ workstations become conduits for anonymous traffic, pivot points into corporate intranets, and sources for further propagation. GlassWorm abuses stolen credentials to automatically taint new extensions and packages, creating a self-sustaining reproductive loop: every newly compromised developer becomes another node in the botnet, and the infection multiplies exponentially.
According to Koi Security, on October 17, 2025, seven OpenVSX extensions—collectively downloaded more than 35,800 times—were found compromised. Within two days the worm also surfaced in the official Microsoft VS Code marketplace. Five extensions continue to distribute malicious code; control servers remain operational, and some maintainers whose accounts were hijacked have yet to regain access. Because extensions update automatically, users received infected versions silently, without prompts or consent.
GlassWorm follows Shai Hulud as only the second self-propagating worm observed in developer ecosystems, yet it eclipses its predecessor in danger by virtue of invisible code and blockchain-backed control. The campaign starkly demonstrates how effortlessly malware can infiltrate the software supply chain and evade even seasoned practitioners. Researchers warn the onslaught is ongoing and that the tally of affected projects grows by the day.