Cybersecurity researchers at Koi Security have discovered the world’s first self-propagating malware targeting VS Code extensions on the OpenVSX Marketplace. Dubbed GlassWorm, the threat marks a historic milestone in software supply chain attacks — combining invisible Unicode injection, blockchain-based C2 infrastructure, Google Calendar backup servers, and remote access trojan capabilities. As of October 19, 2025, at least 35,800 installations are confirmed compromised, with multiple infected extensions still active on both OpenVSX and Microsoft’s VS Code Marketplace.
The new worm, GlassWorm, represents an evolutionary leap in attack sophistication. It spreads automatically across developer ecosystems, harvesting credentials, draining cryptocurrency wallets, and transforming infected developer workstations into criminal proxy nodes.
“This is one of the most sophisticated supply chain attacks we’ve ever analyzed. And it’s spreading right now.”
At the heart of GlassWorm lies an unprecedented stealth tactic — invisible malicious code embedded via Unicode variation selectors.
When analyzing the CodeJoy extension (version 1.8.3), Koi’s risk engine flagged abnormal network and credential access behavior. What followed stunned researchers:
“See that massive gap between lines 2 and 7? That’s not empty space. That’s malicious code. Encoded in unprintable Unicode characters that literally don’t render in your code editor.”
This means the malware isn’t obfuscated — it’s literally invisible to human eyes and most automated scanners. Even GitHub’s diff viewer and VS Code’s syntax highlighting show nothing unusual.
“The attacker used Unicode variation selectors… To a developer doing code review, it looks like blank lines. To static analysis tools scanning for suspicious code, it looks like nothing at all. But to the JavaScript interpreter? It’s executable code.”
The attack fundamentally challenges the software community’s reliance on manual code review.
“We’ve built entire systems around the assumption that humans can review code. GlassWorm just proved that assumption wrong.”
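As an added illustration from the defender's side (not code from Koi Security or its report), the scanner below flags the variation selectors and other zero-width code points described above, reports lines that render blank yet carry code points, and leaves a legitimate emoji presentation selector inside a string literal alone. The source it scans is a constructed sample, not the CodeJoy extension.

```javascript
// Added example (not code from Koi Security): scan JavaScript source for
// invisible Unicode code points that render as blank in editors and diff
// viewers but still reach the interpreter. SAMPLE below is constructed.

// Variation selectors (U+FE00-U+FE0F, U+E0100-U+E01EF) plus common zero-width
// code points; none belong in hand-written source outside emoji sequences.
const INVISIBLE = /[\uFE00-\uFE0F\u200B-\u200D\u2060\uFEFF\u{E0100}-\u{E01EF}]+/gu;

function fmt(cp) {
  return "U+" + cp.toString(16).toUpperCase().padStart(4, "0");
}

// Returns one finding per line that carries hidden code points.
function scanSource(text) {
  const findings = [];
  text.split(/\r?\n/).forEach((line, idx) => {
    let hidden = 0;
    const seen = new Set();
    for (const m of line.matchAll(INVISIBLE)) {
      const run = [...m[0]];
      // A lone VS-15/VS-16 right after a non-ASCII base character is a normal
      // emoji presentation selector (e.g. U+2764 U+FE0F); do not flag it.
      const base = [...line.slice(0, m.index)].pop();
      if (run.length === 1 && /[\uFE0E\uFE0F]/.test(run[0]) &&
          base !== undefined && base.codePointAt(0) > 0x7f) continue;
      hidden += run.length;
      run.forEach((c) => seen.add(fmt(c.codePointAt(0))));
    }
    if (hidden === 0) return;
    // looksBlank: nothing visible is left once the hidden code points are stripped.
    const visible = line.replace(INVISIBLE, "").trim();
    findings.push({ line: idx + 1, hidden, looksBlank: visible === "", codePoints: [...seen] });
  });
  return findings;
}

// Constructed sample: a legitimate emoji on line 1, hidden payload on lines 3-4.
const SAMPLE = [
  "const banner = '\u2764\uFE0F thanks for installing';",
  "",
  "\uFE00\uFE01\u{E0100}" + "\uFE0F".repeat(5),
  "\u{E0101}\u{E0102}\u{E0103}",
  "",
  "module.exports = { activate() {} };",
].join("\n");

for (const f of scanSource(SAMPLE)) {
  console.log(`line ${f.line}: ${f.hidden} hidden code point(s)` +
    (f.looksBlank ? ", line renders blank" : "") + ` [${f.codePoints.join(", ")}]`);
}
```

Run against an extension's unpacked sources, a non-empty result on a line that "renders blank" is the signal to treat the file as untrusted and diff it against the previous published version.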
Once decoded, the “invisible” payload revealed a command infrastructure.
“The malware uses the Solana blockchain as its command and control infrastructure.”
Each infected system queries the blockchain for transactions from a hardcoded wallet address, reading the transaction memo field to retrieve a base64-encoded link to its next payload.
Koi explains:
“Immutable, anonymous, censorship-resistant, dynamic, and cheap — the Solana blockchain just… exists.”
This blockchain-based C2 system means the malware cannot be taken down by domain seizures or takedown requests. Even if defenders block a known IP, the attacker simply posts a new Solana transaction pointing to a new payload.
After decrypting the Solana payload, analysts found another surprise — a Google Calendar event being used as a backup command server.
“The malware reaches out to this Google Calendar event as a backup C2 mechanism. And guess what’s in the event title? Another base64-encoded URL pointing to yet another encrypted payload.”
The researchers highlight the brilliance of this redundancy:
“Free and legitimate (no one’s blocking Google Calendar)… Another unkillable infrastructure piece.”
Meanwhile, GlassWorm actively hunts for credentials across NPM, GitHub, OpenVSX, and 49 different cryptocurrency wallet extensions — from MetaMask and Phantom to Coinbase Wallet.
“The malware is hunting for credentials: NPM tokens, GitHub tokens, Git credentials… 49 different cryptocurrency wallet extensions.”
Decryption of the so-called “zombi_payload” revealed ZOMBI, a multi-functional remote access trojan (RAT) that transforms infected systems into proxy nodes and hidden remote desktops.
ZOMBI capabilities include:
- SOCKS proxy creation – turning infected devices into anonymized routing nodes.
- WebRTC P2P communication – establishing firewall-bypassing direct control channels.
- BitTorrent DHT distribution – decentralized command propagation.
- Hidden VNC (HVNC) – stealth remote desktop access invisible to the user.
“HVNC gives the attacker complete remote desktop access to your machine—but it’s hidden. It runs in a virtual desktop that doesn’t appear in Task Manager and operates completely invisibly.”
The implications are severe:
“Your developer workstation… just became a proxy node for criminal activity.”
What distinguishes GlassWorm from traditional supply chain compromises is its autonomous replication.
“The self-replication cycle uses stolen NPM, GitHub, and OpenVSX credentials to compromise more packages and extensions automatically.”
Every new victim becomes a launchpad for additional infections, creating an exponential growth model reminiscent of biological viruses.
“Attackers have figured out how to make supply chain malware self-sustaining. They’re building worms that can spread autonomously through the entire software development ecosystem.”
As of October 19, 2025, the infection is still active.
“Seven OpenVSX extensions compromised on October 17, 2025… Ten extensions still actively distributing malware as you read this.”
Because VS Code extensions auto-update, users received the malicious version automatically — no action required.
“When CodeJoy pushed version 1.8.3 with invisible malware, everyone with CodeJoy installed got automatically updated to the infected version. No user interaction. No warning. Just silent, automatic infection.”
Koi Security warns:
“This isn’t some theoretical attack or historical incident. GlassWorm is active right now.”