Warning to VSCode Users: Malicious Extensions Containing “GlassWorm” Malware Steal GitHub Accounts and Crypto Wallets

455/68 Monday, November 10, 2025

Security researchers have revealed that the GlassWorm malware campaign has resurfaced on the OpenVSX platform after being detected last month. This time, the malware is embedded in three Visual Studio Code (VSCode) extensions:

  • ai-driven-dev.ai-driven-dev
  • adhamu.history-in-sublime-merge
  • yasuyuky.transient-emacs

These extensions have accumulated over 10,000 downloads. GlassWorm uses transactions on the Solana blockchain to retrieve payloads designed to steal account data from GitHub, NPM, OpenVSX, and cryptocurrency wallets. The malware hides its malicious code using invisible Unicode characters, enabling JavaScript execution without showing anything suspicious in the source code.

GlassWorm was first discovered in 12 extensions across VSCode Marketplace and OpenVSX, with a combined total of more than 35,000 downloads. Researchers believe attackers may have manipulated download numbers to make the extensions appear more trustworthy. After the initial incident, OpenVSX reset tokens for affected accounts and implemented enhanced security measures. However, attackers continued using the same infrastructure, updating the command-and-control (C2) server and Solana transactions to evade detection, while still relying on the same code-hiding technique that successfully bypasses OpenVSX security checks.

According to Koi Security, data recovered from the attackers’ servers shows that victims are spread across the United States, South America, Europe, and Asia, and include government entities in the Middle East. The threat actors communicate in Russian and use an open-source framework called RedExt to manage their C2 servers. Researchers have supplied evidence to law enforcement, including accounts linked to cryptocurrency exchanges and communication platforms. Despite this, all three malicious extensions remain available for download on OpenVSX while they await removal.

Source https://www.bleepingcomputer.com/news/security/glassworm-malware-returns-on-openvsx-with-3-new-vscode-extensions/