Wednesday, March 18, 2026

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX


The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, repositories, and extensions on GitHub, npm, and VSCode/OpenVSX.

Researchers at Aikido, Socket, StepSecurity, and the OpenSourceMalware group have collectively identified 433 compromised components this month in attacks attributed to GlassWorm.

Evidence that a single threat actor runs the GlassWorm campaigns across multiple open-source repositories comes from the same Solana blockchain address being used for command-and-control (C2) activity, identical or functionally similar payloads, and shared infrastructure.

GlassWorm was first observed last October, with attackers using "invisible" Unicode characters to hide malicious code that harvested cryptocurrency wallet data and developer credentials.

The campaign continued with multiple waves and expanded to Microsoft's official Visual Studio Code marketplace and the OpenVSX registry used by unsupported IDEs, as discovered by Secure Annex's researcher, John Tuckner.

macOS systems were also targeted, with trojanized clients for Trezor and Ledger introduced, and developers were later targeted through compromised OpenVSX extensions.

The latest GlassWorm attack wave is far more extensive, though, and has spread to:

  • 200 GitHub Python repositories
  • 151 GitHub JS/TS repositories
  • 72 VSCode/OpenVSX extensions
  • 10 npm packages

Initial compromise occurs on GitHub, where accounts are compromised to force-push malicious commits.

Then, malicious packages and extensions are published on npm and VSCode/OpenVSX, featuring obfuscated code (invisible Unicode characters) to evade detection.

Malicious package on OpenVSX
Source: Aikido

Across all platforms, the Solana blockchain is queried every 5 seconds for new instructions. According to StepSecurity, between November 27, 2025, and March 13, 2026, there were 50 new transactions, mostly to update the payload URL.

The instructions were embedded as memos in the transactions and led to downloading the Node.js runtime and executing a JavaScript-based information stealer.

GlassWorm attack chain
Source: StepSecurity

The malware targets cryptocurrency wallet data, credentials and access tokens, SSH keys, and developer environment data.

Analysis of code comments indicates that GlassWorm is orchestrated by Russian-speaking threat actors. Additionally, the malware skips execution if the Russian locale is found on the system. However, this is insufficient data for confident attribution.

StepSecurity advises developers who install Python packages directly from GitHub or run cloned repositories to check for signs of compromise by searching their codebase for the marker variable "lzcdrtfxyqiplpd," an indicator of the GlassWorm malware.

Malicious GitHub files
Source: StepSecurity

They also recommend inspecting systems for the presence of the ~/init.json file, which is used for persistence, as well as unexpected Node.js installations in the home directory (e.g., ~/node-v22*).

Additionally, developers should look for suspicious i.js files in recently cloned projects and review Git commit histories for anomalies, such as commits where the committer date is significantly newer than the original author date.
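The indicator checks listed above, combined into one script as an added example (not code from the article or from the researchers it cites). The 30-day date-gap threshold and the skipped directories are assumptions, and the `node-v*` pattern generalizes the article's `~/node-v22*` example.

```python
"""Check a checkout and a home directory for the GlassWorm indicators listed above."""
import subprocess
import sys
from pathlib import Path

MARKER = b"lzcdrtfxyqiplpd"           # marker variable named in the article
GAP_DAYS = 30                          # assumption: what counts as "significantly newer"
SKIP_DIRS = {".git", "node_modules"}   # assumption: skipped to keep the scan fast

def scan_tree(root):
    """Return (reason, path) hits for files containing the marker and files named i.js."""
    root = Path(root)
    hits = []
    for path in root.rglob("*"):
        if SKIP_DIRS & set(path.relative_to(root).parts) or not path.is_file():
            continue
        if path.name == "i.js":
            hits.append(("i.js file", str(path)))
        try:
            if MARKER in path.read_bytes():
                hits.append(("marker", str(path)))
        except OSError:
            pass  # unreadable file: skip it rather than abort the scan
    return hits

def home_indicators(home):
    """Return paths under home matching ~/init.json or ~/node-v*."""
    home = Path(home)
    found = [home / "init.json"] if (home / "init.json").is_file() else []
    return [str(p) for p in found + sorted(home.glob("node-v*"))]

def date_gap_commits(log_text, gap_days=GAP_DAYS):
    """Parse `git log --format='%H %at %ct'`; return hashes committed > gap_days after authoring."""
    flagged = []
    for line in log_text.splitlines():
        parts = line.split()  # commit hash, author epoch, committer epoch
        if len(parts) == 3 and int(parts[2]) - int(parts[1]) > gap_days * 86400:
            flagged.append(parts[0])
    return flagged

if __name__ == "__main__":
    repo = sys.argv[1] if len(sys.argv) > 1 else "."
    log = subprocess.run(["git", "-C", repo, "log", "--format=%H %at %ct"],
                         capture_output=True, text=True).stdout
    findings = scan_tree(repo) + [("home", p) for p in home_indicators(Path.home())]
    findings += [("date gap", h) for h in date_gap_commits(log)]
    for reason, item in findings:
        print(f"{reason}: {item}")
    sys.exit(1 if findings else 0)
```

Keep the script outside the tree being scanned, since it contains the marker string itself. Rebases and cherry-picks also leave a committer date later than the author date, so a date-gap hit is a lead for review rather than proof of a force-pushed malicious commit.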
