GlassWorm Strikes Again: Unstoppable Malware Infects Thousands Despite Containment Claims
GlassWorm, a stealthy malware targeting VS Code extensions, is still wriggling despite claims it was contained. Like a bad sequel, it uses sneaky Unicode and Solana blockchain tricks, leaving 35,800 developer machines compromised worldwide. Koi Security warns it’s not just an extension problem now—it’s a global credential-snatching spree!
Hot Take:
It seems GlassWorm is the malware equivalent of the party crasher who just won’t take the hint and leave, spreading faster than gossip in a small town. And like a persistent ex, it keeps coming back, despite everyone insisting it’s “contained.”
Key Points:
- GlassWorm is malware targeting Visual Studio Code extensions and has compromised 35,800 developer machines.
- Despite claims of containment, GlassWorm continues to spread, now affecting GitHub repositories with AI-generated commits.
- The malware uses clever tactics like invisible Unicode characters and the Solana blockchain for command and control.
- Koi Security’s research found GlassWorm affecting a variety of global victims, including a major government entity.
- Efforts are ongoing with law enforcement to notify victims and dismantle the attack infrastructure.
Already a member? Log in here