Widespread GlassWorm Malware Infiltration: 400+ Code Repos Compromised Across GitHub, npm, VSCode, and OpenVSX

The GlassWorm Supply-Chain Campaign Strikes Again

Recently, a coordinated attack by the GlassWorm supply-chain campaign has targeted over 400 code repositories on popular platforms such as GitHub, npm, and VSCode/OpenVSX extensions. This attack has been identified by researchers from Aikido, Socket, Step Security, and the OpenSourceMalware community, who have found 433 compromised components linked to GlassWorm.

The attack is believed to be orchestrated by a single threat actor, evident from the consistent use of a Solana blockchain address for command-and-control activities, similar payloads, and shared infrastructure. GlassWorm first emerged in October, utilizing invisible Unicode characters to conceal malicious code that harvested cryptocurrency wallet data and developer credentials.

Subsequent waves of the campaign expanded to target Microsoft’s Visual Studio Code marketplace and the OpenVSX registry, which serves other VS Code-compatible IDEs. The attackers also targeted macOS systems, distributing trojanized clients for popular cryptocurrency wallets like Trezor and Ledger, as well as compromising OpenVSX extensions to reach developers.

In the latest wave of attacks, GlassWorm has infiltrated various platforms, including 200 GitHub Python repositories, 151 GitHub JS/TS repositories, 72 VSCode/OpenVSX extensions, and 10 npm packages. The initial compromise takes place on GitHub: after user accounts are compromised, malicious commits are force-pushed into their repositories.

Malicious packages and extensions are then published on npm and VSCode/OpenVSX, featuring obfuscated code with invisible Unicode characters to avoid detection. The malware polls the Solana blockchain every five seconds for new instructions, and the attackers update payloads through transactions recorded between November 27, 2025, and March 13, 2026.

The malware targets various sensitive data, including cryptocurrency wallet information, credentials, access tokens, SSH keys, and developer environment data. It has been noted that GlassWorm is likely orchestrated by threat actors fluent in Russian, as the malware avoids execution on systems with a Russian locale.


Developers are advised to be vigilant, especially those who install Python packages directly from GitHub or clone repositories. They should search for the marker variable “lzcdrtfxyqiplpd” in their codebase as an indicator of GlassWorm malware. Additionally, they should check for the presence of the ~/init.json file for persistence and unexpected Node.js installations in the home directory.

Furthermore, developers should inspect cloned projects for suspicious i.js files and review Git commit histories for anomalies. This includes looking out for commits where the committer date significantly differs from the original author date.
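The checks in the two paragraphs above can be scripted. The following is an added example written for this article, not tooling from the researchers cited; it walks a cloned repository for the marker variable, `i.js` files and invisible Unicode code points, checks a home directory for `~/init.json` and a `node` executable, and parses `git log --format='%H%x09%at%x09%ct'` output to flag commits whose committer date is far from the author date. The invisible-character heuristic (Unicode category Cf plus variation selectors), the `node`-executable search, the one-week date threshold, and the sample repository and git log built in `demo()` are all assumptions of this example rather than details taken from the page.

```python
import os
import tempfile
import unicodedata
from pathlib import Path

# Marker variable name the write-up gives as a GlassWorm indicator.
MARKER = "lzcdrtfxyqiplpd"

# Source extensions to inspect for hidden Unicode (assumption: a reasonable default set).
SOURCE_EXTS = {".py", ".js", ".ts", ".mjs", ".cjs", ".json"}


def is_invisible(ch):
    """Heuristic (this example's own): Unicode format characters such as zero-width
    joiners, plus variation selectors, have no business in ordinary source code."""
    cp = ord(ch)
    if unicodedata.category(ch) == "Cf":
        return True
    return 0xFE00 <= cp <= 0xFE0F or 0xE0100 <= cp <= 0xE01EF


def scan_repo(repo):
    """Walk a cloned repository; return (check, path, detail) findings."""
    findings = []
    for path in Path(repo).rglob("*"):
        if not path.is_file() or ".git" in path.parts:
            continue
        if path.name == "i.js":
            findings.append(("suspicious_file", str(path), "i.js in cloned project"))
        if path.suffix not in SOURCE_EXTS:
            continue
        try:
            text = path.read_text(encoding="utf-8")
        except (UnicodeDecodeError, OSError):
            continue
        if MARKER in text:
            findings.append(("marker", str(path), MARKER))
        hidden = [f"U+{ord(c):04X}" for c in text if is_invisible(c)]
        if hidden:
            findings.append(("invisible_unicode", str(path), f"{len(hidden)} chars, e.g. {hidden[0]}"))
    return findings


def scan_home(home):
    """Check a home directory for the persistence artefacts the article names."""
    findings = []
    home = Path(home)
    init = home / "init.json"
    if init.exists():
        findings.append(("persistence", str(init), "~/init.json present"))
    # Assumption: an unexpected Node.js install shows up as a `node` executable under home.
    for path in home.rglob("node"):
        if path.is_file() and os.access(path, os.X_OK):
            findings.append(("node_binary", str(path), "node executable under home"))
    return findings


def find_date_anomalies(git_log, threshold_seconds=7 * 24 * 3600):
    """Parse `git log --format='%H%x09%at%x09%ct'` lines and return (sha, committer-author
    delta in seconds) for commits whose dates differ by more than the threshold."""
    anomalies = []
    for line in git_log.strip().splitlines():
        sha, author_ts, commit_ts = line.split("\t")
        delta = int(commit_ts) - int(author_ts)
        if abs(delta) > threshold_seconds:
            anomalies.append((sha, delta))
    return anomalies


# Constructed sample git log: hashes and timestamps are invented for this example.
SAMPLE_GIT_LOG = """\
aaaa000000000000000000000000000000000000\t1700000000\t1700000000
bbbb000000000000000000000000000000000000\t1700000500\t1700000600
cccc000000000000000000000000000000000000\t1690000000\t1765000000
"""


def demo():
    """Build a constructed repo and home directory, run the checks, return check names."""
    with tempfile.TemporaryDirectory() as tmp:
        repo = Path(tmp) / "repo"
        (repo / "src").mkdir(parents=True)
        (repo / "src" / "app.py").write_text(f"{MARKER} = 1\n", encoding="utf-8")
        (repo / "src" / "i.js").write_text("var x = 'a\u200b';\n", encoding="utf-8")  # zero-width space
        (repo / "README.md").write_text("clean\n", encoding="utf-8")
        home = Path(tmp) / "home"
        (home / ".local" / "bin").mkdir(parents=True)
        (home / "init.json").write_text("{}", encoding="utf-8")
        node = home / ".local" / "bin" / "node"
        node.write_text("#!/bin/sh\n", encoding="utf-8")
        node.chmod(0o755)
        repo_findings = sorted(f[0] for f in scan_repo(repo))
        home_findings = sorted(f[0] for f in scan_home(home))
    return repo_findings, home_findings, find_date_anomalies(SAMPLE_GIT_LOG)


if __name__ == "__main__":
    print(demo())
```

Run `scan_repo` against each freshly cloned project and `scan_home` against the real home directory; for the commit check, pipe `git log --format='%H%x09%at%x09%ct'` into `find_date_anomalies`. A large committer/author gap is only a lead, since rebases and cherry-picks produce it legitimately, so review the flagged commits rather than treating the list as a verdict.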

Protecting Against GlassWorm Attacks

As the threat landscape evolves, it is crucial for developers to stay informed and proactive in safeguarding their code and systems against malicious attacks like GlassWorm. By following best practices for code repository security, regularly monitoring for signs of compromise, and implementing robust cybersecurity measures, developers can mitigate the risks posed by supply-chain attacks.
