Current Cyber Threats

New Glassworm Attack Targets macOS via Compromised Open VSX Extensions

Summary:
A sophisticated supply chain attack has targeted the Open VSX Registry, leveraging compromised developer credentials to distribute a malware loader known as "Glassworm." Unlike previous campaigns that relied on "typosquatting" (mimicking popular names), this attack involved the takeover of an established developer account, "oorzc," to push malicious updates to four legitimate extensions that had already accumulated over 22,000 downloads. Once installed, the Glassworm loader executes a multi-stage infection process that begins by profiling the host system. It specifically targets macOS environments, avoiding systems with Russian locales to evade local prosecution. The malware utilizes advanced Command and Control (C2) techniques, including "EtherHiding," which resolves C2 data from Solana blockchain transaction memos. The final payload is a Node.js-based implant designed to exfiltrate highly sensitive developer data, including AWS and SSH credentials, GitHub and NPM tokens, browser cookies, and cryptocurrency wallet artifacts.


Security Officer Comments:
This campaign represents a significant escalation in supply chain threats for organizations, as it bypasses traditional trust signals like download counts and publisher history. For our members in the IT and critical infrastructure sectors, the targeting of developer environments is particularly alarming. By harvesting credentials such as SSH keys, AWS tokens, and GitHub PATs (Personal Access Tokens), threat actors are not just looking to steal local data; they are seeking the "keys to the kingdom" to facilitate lateral movement into production environments and cloud infrastructure.

The use of "invisible" Unicode characters and blockchain-based C2 infrastructure demonstrates a level of sophistication designed to defeat standard static analysis and network reputation filtering. Because the malware resides within a trusted tool in a developer's daily workflow, it operates with the same permissions as the user, often bypassing endpoint protections that might flag stand-alone executables. For organizations, a single compromised developer could serve as a beachhead for a much larger breach of proprietary source code or customer data.


Suggested Corrections:
To defend against the Glassworm loader and similar supply chain attacks, organizations should implement the following multi-layered defense strategies:

Audit and Remove Compromised Extensions: Security teams should immediately scan development environments for any extensions published by the author "oorzc." Specifically, look for the following versions: FTP/SFTP/SSH Sync Tool (v0.5.1), I18n Tools (v1.6.8), vscode mindmap (v1.0.61), and scss to css (v1.3.4).

Enforce Developer Hygiene: Implement mandatory Multi-Factor Authentication (MFA) for all developer accounts on marketplaces like Open VSX and the VS Code Marketplace. Encourage developers to use short-lived tokens and rotate their NPM, GitHub, and AWS credentials regularly, especially if a suspicious extension update is detected.

Implement Content Integrity Checks: Use automated scanning tools that specifically look for non-printing Unicode characters and unusual obfuscation patterns in third-party dependencies. Where possible, pin extension versions and disable "auto-update" features in IDEs to allow for manual review of changes before deployment.
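A minimal scanner for the non-printing Unicode characters mentioned above, added here as an example and not taken from the linked report or any vendor tool. It walks an installed extension directory and flags characters that render as nothing (format characters, variation selectors, Hangul fillers); the sample input, the tolerated BOM and the file suffix list are assumptions.

```python
import unicodedata
from pathlib import Path

# Unicode general categories that have no business in source text:
# Cf = format (zero-width joiners, bidi overrides), Co = private use, Cn = unassigned.
SUSPECT_CATEGORIES = {"Cf", "Co", "Cn"}
# Code points that render as nothing even though their category is not Cf:
# variation selectors and the Hangul filler characters.
SUSPECT_RANGES = [(0xFE00, 0xFE0F), (0xE0100, 0xE01EF), (0x3164, 0x3164), (0xFFA0, 0xFFA0)]
# Assumption: a leading byte-order mark is tolerated; editors emit it themselves.
ALLOWED = {"\ufeff"}

def is_invisible(ch: str) -> bool:
    """True if the character would be invisible (or unassigned) in a normal editor view."""
    if ch in ALLOWED:
        return False
    if unicodedata.category(ch) in SUSPECT_CATEGORIES:
        return True
    cp = ord(ch)
    return any(lo <= cp <= hi for lo, hi in SUSPECT_RANGES)

def find_invisible_chars(text: str):
    """Return (line, column, 'U+XXXX', name) for every invisible character in text."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for col, ch in enumerate(line, 1):
            if is_invisible(ch):
                hits.append((lineno, col, f"U+{ord(ch):04X}", unicodedata.name(ch, "<unnamed>")))
    return hits

def scan_extension_dir(root, suffixes=(".js", ".mjs", ".ts", ".json")):
    """Walk an installed extension directory (e.g. ~/.vscode/extensions/<publisher>.<name>-<ver>)
    and map each flagged file path to its list of hits."""
    findings = {}
    for path in Path(root).rglob("*"):
        if path.is_file() and path.suffix in suffixes:
            try:
                hits = find_invisible_chars(path.read_text(encoding="utf-8"))
            except UnicodeDecodeError:
                continue  # not UTF-8 text; skip rather than guess an encoding
            if hits:
                findings[str(path)] = hits
    return findings

# Constructed sample: one clean line, then a line that hides a zero-width space, a
# right-to-left override and two variation selectors inside string literals.
SAMPLE = 'const a = 1;\nconst b = "x\u200by\u202e" + "\ufe0f\ufe0e";\n'

if __name__ == "__main__":
    for hit in find_invisible_chars(SAMPLE):
        print("line %d col %d %s %s" % hit)
```

Run `scan_extension_dir` over the IDE's extensions folder after any update; a hit in a shipped `.js` file is a reason to pull the extension for manual review, since legitimate minified code does not carry these characters.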

Monitor Network Anomalies: Watch for outbound traffic to known Glassworm C2 infrastructure, including direct IP connections and requests to the Solana blockchain API or Google Calendar URLs used as backup C2 channels.

Credential Scoping: Limit the permissions of developer tokens (e.g., GitHub PATs) to the minimum required scopes and use environment-specific credentials to prevent a single local compromise from granting full access to the entire cloud or CI/CD pipeline.


Link(s):
https://socket.dev/blog/glassworm-loader-hits-open-vsx-via-suspected-developer-account-compromise