GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX
GlassWorm, a supply‑chain malware campaign, has infected over 400 open‑source components across GitHub, npm, VSCode and OpenVSX repositories. In March 2026 researchers identified 433 compromised packages (200 Python repos, 151 JS/TS repos, 72 VSCode extensions and 10 npm packages), all injected with invisible Unicode characters that conceal malicious code which harvests cryptocurrency wallet data, developer credentials, SSH keys, and other sensitive information. The attackers use a single Solana blockchain address for command‑and‑control, which the malware polls every five seconds for new instructions, most of them updated payload URLs. Initial compromise occurs via forced pushes from compromised GitHub accounts, after which malicious packages are published on npm and VSCode/OpenVSX with obfuscated code. The malware skips execution on Russian‑locale systems but is likely operated by Russian‑speaking actors. To detect a compromise, developers are advised to scan for the marker variable “lzcdrtfxyqiplpd”, check for unexpected Node.js installations and suspicious i.js files, and look for anomalies in commit histories.

GlassWorm, a sophisticated supply‑chain malware that infiltrates open‑source ecosystems, has once again surged across GitHub, npm, VSCode, and OpenVSX repositories. In the latest wave, researchers from Aikido, Socket, Step Security, and OpenSourceMalware have identified 433 compromised components during March 2026, ranging from Python and JavaScript/TypeScript libraries to VSCode extensions and npm packages.
The attack methodology remains remarkably consistent with previous iterations: the attacker first compromises GitHub accounts through phishing or credential theft, then force‑pushes malicious commits that embed invisible Unicode characters. These obfuscated payloads are designed to evade static analysis tools while still executing JavaScript-based information stealers once the code runs in a developer's environment. The malware harvests cryptocurrency wallet data, developer credentials, SSH keys, and other sensitive tokens.
A pivotal element of GlassWorm’s persistence is its reliance on a Solana blockchain address for command‑and‑control (C2). Every five seconds, the malware queries this address for new instructions, which are embedded as memos within transactions. The latest data shows 50 new transactions between November 27, 2025 and March 13, 2026, primarily updating payload URLs. This consistent use of a single Solana address across all affected platforms strongly suggests a single threat actor orchestrating the campaign.
The malware’s recent expansion has targeted macOS users by introducing trojanized clients for Trezor and Ledger wallets, as well as compromising OpenVSX extensions that deliver malicious code to developers whose editors install extensions from OpenVSX rather than the Microsoft marketplace. The sheer breadth (200 GitHub Python repos, 151 JavaScript/TypeScript repos, 72 VSCode/OpenVSX extensions, and 10 npm packages) demonstrates the scale of the attack.
Detection is challenging due to the invisible Unicode obfuscation. However, Step Security has identified a unique marker variable (“lzcdrtfxyqiplpd”) that appears in compromised codebases. Developers should also inspect for the presence of an “~/init.json” file used for persistence and for unexpected Node.js installations (e.g., ~/node‑v22*). Anomalies such as commit dates significantly newer than the original author dates, or suspicious “i.js” files, can signal a compromise.
The threat actor’s linguistic clues, Russian-speaking comments in the code, hint at potential attribution, but the malware intentionally skips execution if a Russian locale is detected, complicating definitive attribution. Regardless, the attack underscores the critical importance of vigilant supply‑chain security practices: verifying dependencies, monitoring GitHub account activity, and employing robust detection tools that can uncover obfuscated payloads.
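The following scanner is an added example written for this article; it is not tooling from Aikido, Socket, Step Security or OpenSourceMalware, and it only checks the indicators named above. It flags invisible Unicode code points in source files, the “lzcdrtfxyqiplpd” marker, the ~/init.json and ~/node‑v22* artifacts, and commits whose committer date is far newer than their author date (the symptom of a rewritten, force‑pushed history). Which invisible code points GlassWorm uses is not stated here, so the ranges below (Unicode Tags, variation selectors, zero‑width and bidi controls) are an assumption covering the usual hiding places; the sample strings and git log lines are constructed.

```python
"""Defender-side scanner for the GlassWorm indicators named in the report.
Added example; not the researchers' tooling."""
import os
import sys
import unicodedata
from pathlib import Path

MARKER = "lzcdrtfxyqiplpd"          # marker variable reported by Step Security
SOURCE_SUFFIXES = {".js", ".mjs", ".cjs", ".ts", ".py", ".json", ".sh"}

# Code points with no glyph that should never appear in source. Which ranges
# GlassWorm uses is not stated on the page; these are common hiding places
# (assumption): Unicode Tags, variation selectors, zero-width and bidi controls.
INVISIBLE_RANGES = (
    (0xE0000, 0xE007F),   # Tags block: each tag char maps 1:1 onto an ASCII char
    (0xFE00, 0xFE0F),     # Variation Selectors
    (0xE0100, 0xE01EF),   # Variation Selectors Supplement
    (0x200B, 0x200F),     # zero-width space/joiners and directional marks
    (0x202A, 0x202E),     # bidi embedding/override controls
    (0x2060, 0x2064),     # word joiner and invisible operators
    (0xFEFF, 0xFEFF),     # zero-width no-break space / BOM
)

def is_invisible(ch: str) -> bool:
    cp = ord(ch)
    if any(lo <= cp <= hi for lo, hi in INVISIBLE_RANGES):
        return True
    # Catch-all: Unicode "format" characters (category Cf) are also non-printing.
    return unicodedata.category(ch) == "Cf"

def invisible_code_points(text: str) -> list[tuple[int, int]]:
    """(offset, code point) for every invisible character in text."""
    return [(i, ord(ch)) for i, ch in enumerate(text) if is_invisible(ch)]

def decode_tag_chars(text: str) -> str:
    """Recover ASCII hidden as Tag characters (U+E0020..U+E007E -> 0x20..0x7E),
    so an analyst can read what a file conceals without executing it."""
    return "".join(chr(ord(ch) - 0xE0000) for ch in text if 0xE0020 <= ord(ch) <= 0xE007E)

def scan_text(text: str) -> dict:
    hits = invisible_code_points(text)
    return {
        "invisible_count": len(hits),
        "first_hits": hits[:5],
        "has_marker": MARKER in text,
        "hidden_ascii": decode_tag_chars(text),
    }

def scan_tree(root: Path) -> dict[str, dict]:
    """Scan source files under root; return findings keyed by path for files with something to report."""
    findings = {}
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d not in {".git", "node_modules"}]
        for name in filenames:
            path = Path(dirpath) / name
            if path.suffix not in SOURCE_SUFFIXES:
                continue
            result = scan_text(path.read_text(encoding="utf-8", errors="replace"))
            if result["invisible_count"] or result["has_marker"]:
                findings[str(path)] = result
    return findings

def host_indicators(home: Path = Path.home()) -> list[str]:
    """Persistence artifacts named in the report: ~/init.json and ~/node-v22*."""
    found = [str(p) for p in [home / "init.json"] if p.exists()]
    found += [str(p) for p in home.glob("node-v22*")]
    return found

def suspicious_commits(log_lines, max_lag_days: int = 30) -> list[str]:
    """Flag commits whose committer date is far newer than the author date.
    Input lines come from `git log --format='%H %at %ct'`. Rebases and merges
    also move the committer date, so treat hits as leads, not proof."""
    flagged = []
    for line in log_lines:
        sha, author_ts, commit_ts = line.split()
        if int(commit_ts) - int(author_ts) > max_lag_days * 86400:
            flagged.append(sha)
    return flagged

# Constructed samples for demonstration (not taken from a real compromised package).
SAMPLE_CLEAN = "function add(a, b) { return a + b; }\n"
SAMPLE_BAD = ("const lzcdrtfxyqiplpd = 1;\u200b"
              "\U000E0068\U000E0069\U000E0064\U000E0064\U000E0065\U000E006E\n")  # hides "hidden"
SAMPLE_GIT_LOG = [
    "a1b2c3d 1700000000 1700000000",   # author and committer date agree
    "e4f5a6b 1690000000 1773000000",   # committed years after authoring
]

if __name__ == "__main__":
    root = Path(sys.argv[1]) if len(sys.argv) > 1 else Path(".")
    for path, result in scan_tree(root).items():
        print(path, result)
    print("host indicators:", host_indicators())
    print("sample scan:", scan_text(SAMPLE_BAD))
    print("suspicious commits:", suspicious_commits(SAMPLE_GIT_LOG))
```

Run it with a repository path as the first argument; for the commit check, feed it the output of `git log --format='%H %at %ct'`. A hit from `scan_text` is a reason to read the file, not a verdict by itself, since bidi marks and variation selectors also occur legitimately in localized strings and emoji.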
As GlassWorm continues to evolve, it exemplifies how attackers adapt to bypass standard security measures by leveraging blockchain C2 infrastructure and invisible character techniques. Maintaining a proactive stance—scrutinizing codebases for hidden markers, validating package integrity, and monitoring account activities—is essential to mitigate the risk posed by this ever‑present threat in open‑source ecosystems.