72 Malicious Open VSX Extensions Linked to GlassWorm Campaign Now Using Transitive Dependencies
The GlassWorm threat actor has evolved its supply chain attack methodology by abusing VS Code extension manifest fields to transitively deliver malicious payloads. This technique allows initially benign extensions to pull in malicious dependencies during later updates, executing staged JavaScript loaders that target developer workstations for credential and secret theft.
Source: Socket
- filename: extension/out/extension.js (common file path for the staged GlassWorm-style loader within malicious extensions)
Key Takeaways
- The GlassWorm campaign has evolved to use transitive dependencies (extensionPack and extensionDependencies) to deliver malware indirectly via Open VSX.
- Malicious extensions often appear benign initially and introduce malicious dependencies in later updates, bypassing one-time reviews.
- The campaign uses staged JavaScript execution, Russian locale/timezone geofencing, and Solana transaction memos as dead drops.
- Decryption material has been moved from the extension itself to HTTP response headers (ivbase64, secretkey) to evade detection.
- Threat actors inflate download counts and impersonate popular developer utilities, including linters, formatters, and AI tools.
Affected Systems
- VS Code
- Open VSX compatible editors
- Developer workstations
Attack Chain
The threat actor publishes a seemingly benign VS Code extension to the Open VSX registry. In a subsequent update, the extension's manifest is modified to include 'extensionPack' or 'extensionDependencies' pointing to a malicious GlassWorm-linked extension. Once installed, the malicious dependency executes a staged JavaScript loader (extension.js) that performs Russian locale/timezone geofencing and queries Solana transaction memos for dead drop resolution. The loader retrieves follow-on code, decrypts it using keys provided in HTTP response headers, and executes it in-memory via 'eval' or 'vm.Script' to access local credentials and environment secrets.
Detection Availability
- YARA Rules: No
- Sigma Rules: No
- Snort/Suricata Rules: No
- KQL Queries: No
- Splunk SPL Queries: No
- EQL Queries: No
- Other Detection Logic: No
- Platforms: Socket
The article mentions that Socket provides dedicated alerts ('VS Code: Extension pack' and 'VS Code: Extension dependency') and tools (Socket GitHub App, CLI, Firewall) to detect and block these malicious transitive relationships, but no raw detection rules are provided.
Detection Engineering Assessment
- EDR Visibility: Medium — EDRs can monitor child processes spawned by VS Code, but the primary execution happens in-memory within the Node.js context of the extension host using 'eval' or 'vm.Script', which may evade standard process-level monitoring.
- Network Visibility: High — The malware relies on external network connections to Solana RPC nodes for dead drop resolution and C2 IPs for payload retrieval, which can be detected via network telemetry.
- Detection Difficulty: Hard — The use of transitive dependencies means the initial extension appears benign. The malicious payload is heavily obfuscated, executed in-memory, and uses legitimate services (Solana) for dead drops, making static and dynamic analysis challenging.
Required Log Sources
- Network flow logs
- DNS query logs
- Process execution logs (VS Code extension host)
Hunting Hypotheses
| Hypothesis | Telemetry | ATT&CK Stage | FP Risk |
|---|---|---|---|
| Look for VS Code extension host processes making unexpected outbound network connections to known Solana RPC nodes or unrecognized IP addresses. | Network flow logs, DNS logs | Command and Control | Medium |
| Monitor for sudden additions of 'extensionPack' or 'extensionDependencies' in VS Code extension manifest files (package.json) during updates. | File System/Manifests | Delivery | Low |
| Detect HTTP responses to the VS Code extension host containing suspicious headers like 'ivbase64' and 'secretkey'. | Network/HTTP logs | Command and Control/Payload Delivery | Low |
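As an added hunting example (not code from the Socket report or the GlassWorm analysis), the following Node.js script runs the first and third hypotheses above over a few constructed HTTP proxy records: it flags connections to the three C2 addresses named in the report, responses to the extension host that carry the 'ivbase64' or 'secretkey' headers, and, as a lower-confidence heuristic for "unrecognized IP addresses", extension-host requests whose URL host is a bare IP literal. The record field names ('process', 'dst_ip', 'url', 'resp_headers') and the assumption that the extension host appears as a process whose name contains "Code" are mine; adapt both to your proxy or EDR schema.

```javascript
// Added hunting example (not code from the Socket report): runs the network
// hunting hypotheses above over constructed HTTP proxy records.
const C2_IPS = new Set(["45.32.150.251", "45.32.151.157", "70.34.242.255"]); // from the report
const KEY_HEADERS = new Set(["ivbase64", "secretkey"]);                       // from the report

// Constructed telemetry, one JSON record per line. The field names and the
// process name of the extension host are assumptions; map them to your own schema.
const SAMPLE_LOG = [
  '{"ts":"2025-01-01T10:00:00Z","process":"Code Helper (Plugin)","dst_ip":"45.32.150.251","url":"http://45.32.150.251/s1","resp_headers":{"content-type":"text/plain","ivbase64":"QUJD","secretkey":"REVG"}}',
  '{"ts":"2025-01-01T10:00:05Z","process":"Code Helper (Plugin)","dst_ip":"140.82.112.3","url":"https://api.github.com/repos","resp_headers":{"content-type":"application/json"}}',
  '{"ts":"2025-01-01T10:00:09Z","process":"chrome","dst_ip":"45.32.151.157","url":"http://45.32.151.157/","resp_headers":{"content-type":"text/html"}}',
  '{"ts":"2025-01-01T10:00:12Z","process":"Code Helper (Plugin)","dst_ip":"203.0.113.9","url":"http://203.0.113.9/x","resp_headers":{"content-type":"text/plain","IvBase64":"QUJD"}}',
  "garbage line that is not JSON",
].join("\n");

// Assumption: the VS Code extension host shows up as a process whose name contains "Code".
function isExtensionHost(processName) {
  return /code/i.test(String(processName || ""));
}

// True when the URL's host is a bare IPv4 literal rather than a hostname.
function hasIpLiteralHost(url) {
  try {
    return /^\d{1,3}(\.\d{1,3}){3}$/.test(new URL(url).hostname);
  } catch (e) {
    return false; // missing or unparsable URL
  }
}

// Returns one finding per suspicious record, with every reason that fired.
function findSuspiciousRecords(logText) {
  const findings = [];
  for (const line of logText.split("\n")) {
    let rec;
    try { rec = JSON.parse(line); } catch (e) { continue; } // skip malformed lines
    if (!rec || typeof rec !== "object") continue;
    const reasons = [];
    const toC2 = C2_IPS.has(rec.dst_ip);
    if (toC2) reasons.push("known GlassWorm C2 " + rec.dst_ip);
    const extHost = isExtensionHost(rec.process);
    // Header names are matched case-insensitively; HTTP header names are not case-sensitive.
    const keyHeaders = Object.keys(rec.resp_headers || {})
      .map(h => h.toLowerCase())
      .filter(h => KEY_HEADERS.has(h));
    if (extHost && keyHeaders.length) {
      reasons.push("decryption material in response headers: " + keyHeaders.join(","));
    }
    // Heuristic only: legitimate extensions mostly talk to hostnames, not raw IPs.
    if (extHost && !toC2 && hasIpLiteralHost(rec.url)) {
      reasons.push("extension host fetching from bare IP " + rec.dst_ip);
    }
    if (reasons.length) findings.push({ ts: rec.ts, process: rec.process, dst_ip: rec.dst_ip, reasons });
  }
  return findings;
}

if (typeof require !== "undefined" && require.main === module) {
  for (const f of findSuspiciousRecords(SAMPLE_LOG)) {
    console.log(f.ts, f.process, f.dst_ip, "=>", f.reasons.join("; "));
  }
}
```

Run over the sample, the script reports three records: the extension-host fetch from a C2 address that also returns key material (two reasons), a browser connection to a C2 address (one reason, worth a look even though it is not the extension host), and an extension-host fetch from an unlisted bare IP that returns an 'IvBase64' header. The GitHub API request is not flagged, which is the correlation the False Positive Assessment below asks for: the header check alone, or the bare-IP check alone, would be too noisy without the process context.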
Control Gaps
- Static analysis of initial extension releases
- Standard EDR visibility into Node.js 'vm.Script' execution
Key Behavioral Indicators
- Late-version manifest changes adding dependencies
- Russian locale/timezone gating in extension code
- HTTP response headers containing decryption material (ivbase64, secretkey)
False Positive Assessment
- Medium. Legitimate extensions frequently use 'extensionPack' and 'extensionDependencies' for convenience (e.g., language support bundles). Alerting solely on these fields will generate false positives; detection must correlate these fields with suspicious network activity or obfuscated code.
Recommendations
Immediate Mitigation
- Audit extension histories for newly added 'extensionPack' and 'extensionDependencies' relationships.
- Block or remove any GlassWorm-linked packages and infrastructure indicators from developer environments.
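The manifest-audit hypothesis in the hunting table and the first mitigation above both come down to the same check: which 'extensionPack' and 'extensionDependencies' entries appeared between the version that was reviewed and the version now installed, and do any of them point at a known-bad extension ID. As an added example (not code from the Socket report or from any of the projects named on this page), this Node.js script does that diff over two constructed manifests and can also walk an installed-extensions directory. The sample manifests, the 'example-pub.example-linter' extension, and the default directory path are assumptions; the blocklist is a small subset of the extension IDs listed under Additional IOCs.

```javascript
// Added audit example (not code from the Socket report): flags dependency
// relationships added in an extension update and checks them against the
// malicious extension IDs listed in the report's IOCs.
const DEP_FIELDS = ["extensionPack", "extensionDependencies"]; // manifest fields abused by GlassWorm

// Subset of the malicious Open VSX extension IDs from the report; extend with the full list.
const BLOCKLIST = new Set([
  "daeumer-web.es-linter-for-vs-code",
  "gvotcha.claude-code-extension",
  "cosmic-themes.sql-formatter",
  "tokcodes.import-cost-extension",
]);

// VS Code extension IDs (publisher.name) are compared case-insensitively.
const norm = id => String(id).trim().toLowerCase();

// Constructed manifests for a hypothetical extension: v1.0.0 as originally
// reviewed, v1.0.3 as published later with new transitive dependencies.
const MANIFEST_V1 = {
  name: "example-linter", publisher: "example-pub", version: "1.0.0",
  extensionDependencies: ["vscode.git"],
};
const MANIFEST_V3 = {
  name: "example-linter", publisher: "example-pub", version: "1.0.3",
  extensionDependencies: ["vscode.git", "Cosmic-Themes.SQL-Formatter"],
  extensionPack: ["daeumer-web.es-linter-for-vs-code", "esbenp.prettier-vscode"],
};

// Returns every dependency present in newManifest but absent from oldManifest,
// tagged with whether it matches the blocklist. Pass {} as oldManifest to
// evaluate a single manifest on its own.
function addedDependencies(oldManifest, newManifest) {
  const added = [];
  for (const field of DEP_FIELDS) {
    const before = new Set((oldManifest[field] || []).map(norm));
    for (const raw of newManifest[field] || []) {
      const id = norm(raw);
      if (!before.has(id)) added.push({ field, id, blocklisted: BLOCKLIST.has(id) });
    }
  }
  return added;
}

// Reads <extDir>/<folder>/package.json for each installed extension and reports
// any whose extensionPack/extensionDependencies reference a blocklisted ID.
// Assumption: extensions live under ~/.vscode/extensions; other editors differ.
function scanExtensionsDir(extDir) {
  const fs = require("fs");
  const path = require("path");
  const hits = [];
  for (const folder of fs.readdirSync(extDir)) {
    const manifestPath = path.join(extDir, folder, "package.json");
    if (!fs.existsSync(manifestPath)) continue;
    let manifest;
    try { manifest = JSON.parse(fs.readFileSync(manifestPath, "utf8")); } catch (e) { continue; }
    for (const dep of addedDependencies({}, manifest)) {
      if (dep.blocklisted) hits.push({ folder, field: dep.field, id: dep.id });
    }
  }
  return hits;
}

if (typeof require !== "undefined" && require.main === module) {
  console.log(addedDependencies(MANIFEST_V1, MANIFEST_V3));
  // scanExtensionsDir(require("os").homedir() + "/.vscode/extensions");
}
```

For the sample manifests the diff reports three newly added IDs, two of them blocklisted; the pre-existing 'vscode.git' dependency is not reported, and the legitimate Prettier entry is reported as added but not blocklisted, which is the "review the delta, alert on the match" split the False Positive Assessment recommends. Old manifests for the diff can be kept from a previous audit or pulled from the registry's version history.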
Infrastructure Hardening
- Block outbound traffic to known malicious C2 IPs (45.32.150.251, 45.32.151.157, 70.34.242.255).
- Implement network filtering for unexpected Solana RPC node queries from developer workstations.
User Protection
- Review developer workstations for exposed tokens, credentials, config files, and environment secrets.
- Deploy tools that enforce install-time visibility and policy enforcement for VS Code extensions.
Security Awareness
- Educate developers on the risks of transitive dependencies in VS Code extensions.
- Warn developers about extensions impersonating popular tools or inflating download counts.
MITRE ATT&CK Mapping
- T1195.001 - Supply Chain Compromise: Compromise Software Dependencies and Development Tools
- T1204 - User Execution
- T1480 - Execution Guardrails
- T1059.007 - Command and Scripting Interpreter: JavaScript
- T1027.013 - Obfuscated Files or Information: Encrypted/Encoded File
- T1102.001 - Web Service: Dead Drop Resolver
Additional IOCs
- IPs:
  - 45[.]32[.]150[.]251 - Reused C2 IP
  - 45[.]32[.]151[.]157 - New C2 IP
  - 70[.]34[.]242[.]255 - New C2 IP
- File Paths:
  - extension/out/extension.js - Staged loader location
- Other:
  - BjVeAjPrSKFiingBn4vZvghsGj9KCE8AJVtbc9S8o8SC - Previous Solana wallet address used as a dead drop
  - MemoSq4gqABAXKb96qnH8TysNcWxMyWCqXgDLGmfcHr - Solana memo program used by the malware
  - c4b9a3773e9dced6015a670855fd32b - Embedded AES IV (hex)
- Malicious Open VSX Extensions:
  - aadarkcode.one-dark-material
  - aligntool.extension-align-professional-tool
  - angular-studio.ng-angular-extension
  - awesome-codebase.codebase-dart-pro
  - awesomeco.wonder-for-vscode-icons
  - bhbpbarn.vsce-python-indent-extension
  - blockstoks.easily-gitignore-manage
  - brategmaqendaalar-studio.pro-prettyxml-formatter
  - codbroks.compile-runnner-extension
  - codevunmis.csv-sql-tsv-rainbow
  - codwayexten.code-way-extension
  - cosmic-themes.sql-formatter
  - craz2team.vscode-todo-extension
  - crotoapp.vscode-xml-extension
  - cudra-production.vsce-prettier-pro
  - daeumer-web.es-linter-for-vs-code (Typosquat of dbaeumer)
  - dark-code-studio.flutter-extension
  - densy-little-studio.wonder-for-vscode-icons
  - dep-labs-studio.dep-proffesinal-extension
  - dev-studio-sense.php-comp-tools-vscode
  - devmidu-studio.svg-better-extension
  - dopbop-studio.vscode-tailwindcss-extension-toolkit
  - errlenscre.error-lens-finder-ex
  - exss-studio.yaml-professional-extension
  - federicanc.dotenv-syntax-highlighting
  - flutxvs.vscode-kuberntes-extension
  - gvotcha.claude-code-extension
  - gvotcha.claude-code-extensions
  - intellipro.extension-json-intelligence
  - kharizma.vscode-extension-wakatime
  - ko-zu-gun-studio.synchronization-settings-vscode
  - kwitch-studio.auto-run-command-extension
  - lavender-studio.theme-lavender-dreams
  - littensy-studio.magical-icons
  - lyu-wen-studio-web-han.better-formatter-vscode
  - markvalid.vscode-mdvalidator-extension
  - mecreation-studio.pyrefly-pro-extension
  - mswincx.antigravity-cockpit
  - mswincx.antigravity-cockpit-extension
  - namopins.prettier-pro-vscode-extension
  - oigotm.my-command-palette-extension
  - otoboss.autoimport-extension
  - ovixcode.vscode-better-comments
  - pessa07tm.my-js-ts-auto-commands
  - potstok.dotnet-runtime-extension
  - pretty-studio-advisor.prettyxml-formatter
  - prismapp.prisma-vs-code-extension
  - projmanager.your-project-manager-extension
  - pubruncode.ccoderunner
  - pyflowpyr.py-flowpyright-extension
  - pyscopexte.pyscope-extension
  - redcapcollective.vscode-quarkus-elite-suite
  - rubyideext.ruby-ide-extension
  - runnerpost.runner-your-code
  - shinypy.shiny-extension-for-vscode
  - sol-studio.solidity-extension
  - ssgwysc.volar-vscode
  - studio-jjalaire-team.professional-quarto-extension
  - studio-velte-distributor.pro-svelte-extension
  - sun-shine-studio.shiny-extension-for-vscode
  - sxatvo.jinja-extension
  - tamokill12.foundry-pdf-extension
  - thing-mn.your-flow-extension-for-icons
  - tima-web-wang.shell-check-utils
  - tokcodes.import-cost-extension
  - toowespace.worksets-extension
  - treedotree.tree-do-todoextension
  - tucyzirille-studio.angular-pro-tools-extension
  - turbobase.sql-turbo-tool
  - twilkbilk.color-highlight-css
  - vce-brendan-studio-eich.js-debuger-vscode
  - yamaprolas.revature-labs-extension