The GlassWorm supply-chain marketing campaign has returned with a brand new, coordinated assault that focused lots of of packages, repositories, and extensions on GitHub, npm, and VSCode/OpenVSX extensions.
Researchers at Aikido, Socket, Step Safety, and the OpenSourceMalware neighborhood have collectively recognized 433 compromised elements this month in assaults attributed to GlassWorm.
Proof of a single menace actor working the GlassWorm campaigns throughout a number of open-source repositories is offered by way of the identical Solana blockchain tackle used for command-and-control (C2) exercise, equivalent or functionally comparable payloads, and shared infrastructure.
GlassWorm was first noticed final October, with attackers utilizing “invisible” Unicode characters to cover malicious code that harvested cryptocurrency pockets knowledge and developer credentials.
The marketing campaign continued with a number of waves and expanded to Microsoft’s official Visible Studio Code market and the OpenVSX registry utilized by unsupported IDEs, as found by Safe Annex’s researcher, John Tuckner.
macOS techniques had been additionally focused, introducing trojanized purchasers for Trezor and Ledger, and later focused builders through compromised OpenVSX extensions.
The most recent GlassWorm assault wave is much extra intensive, although, and unfold to:
- 200 GitHub Python repositories
- 151 GitHub JS/TS repositories
- 72 VSCode/OpenVSX extensions
- 10 npm packages
Preliminary compromise happens on GitHub, the place accounts are compromised to force-push malicious commits.
Then, malicious packages and extensions are revealed on npm and VSCode/OpenVSX, that includes obfuscated code (invisible Unicode characters) to evade detection.
Supply: Aikido
Throughout all platforms, the Solana blockchain is queried each 5 seconds for brand spanking new directions. Based on Step Safety, between November 27, 2025, and March 13, 2026, there have been 50 new transactions, principally to replace the payload URL.
The directions had been embedded as memos within the transactions and led to downloading the Node.js runtime and executing a JavaScript-based info stealer.
Supply: Step Safety
The malware targets cryptocurrency pockets knowledge, credentials, and entry tokens, SSH keys, and developer surroundings knowledge.
Evaluation of code feedback signifies that GlassWorm is orchestrated by Russia-speaking menace actors. Moreover, the malware skips execution if the Russian locale is discovered on the system. Nonetheless, that is inadequate knowledge for assured attribution.
Step Safety advises builders who set up Python packages immediately from GitHub or run cloned repositories to examine for indicators of compromise by looking out their codebase for the marker variable “lzcdrtfxyqiplpd,” an indicator of the GlassWorm malware.
Supply: Step Safety
In addition they advocate inspecting techniques for the presence of the ~/init.json file, which is used for persistence, in addition to surprising Node.js installations within the house listing (e.g., ~/node-v22*).
Moreover, builders ought to search for suspicious i.js recordsdata in not too long ago cloned initiatives and assessment Git commit histories for anomalies, akin to commits the place the committer date is considerably newer than the unique creator date.
Malware is getting smarter. The Purple Report 2026 reveals how new threats use math to detect sandboxes and conceal in plain sight.
Obtain our evaluation of 1.1 million malicious samples to uncover the highest 10 methods and see in case your safety stack is blinded.
