GlassWorm is a stealthy, self-propagating malware campaign that targets macOS systems through malicious VS Code extensions whose harmful code is hidden behind invisible Unicode characters. First observed on October 17, 2025, the campaign has quickly become one of the most sophisticated supply chain attacks aimed at the macOS developer ecosystem. The malicious extensions are disguised as legitimate development tools and distributed through the VSCode and OpenVSX marketplaces, with a specific focus on compromising macOS developers and their cryptocurrency assets.
The campaign delivers trojanized cryptocurrency wallet software that quietly steals developer credentials and digital assets from compromised macOS systems. GlassWorm also targets Middle Eastern government entities and has expanded significantly since its initial discovery; confirmed victims include a Middle Eastern government organization compromised on November 6, 2025. The tradecraft is sophisticated: invisible Unicode characters hide the malicious code, AES-256-CBC encryption obfuscates the payload, and command-and-control runs over infrastructure on the Solana blockchain.
By December 19, 2025, GlassWorm had pivoted specifically to macOS, introducing encrypted JavaScript payloads, new Solana wallet targeting, and hardware wallet trojanization aimed at the Ledger Live and Trezor Suite applications. The campaign is a significant threat to macOS developers working with cryptocurrency technologies, to government entities in the Middle East, and to any organization that relies on VS Code development environments on macOS.
GlassWorm weaponizes the VS Code extension ecosystem to compromise macOS developer systems. The malicious logic is concealed with invisible Unicode characters embedded in otherwise legitimate-looking extension code, so visual code review alone is practically useless for spotting it. The trojanized extensions are distributed through both the official VSCode marketplace and the OpenVSX alternative marketplace, and current operations focus specifically on macOS developers.
Once installed on a victim's macOS system, a GlassWorm extension masquerades as a legitimate development tool while covertly deploying compromised cryptocurrency wallet applications in the background. The supply chain attack shows a sophisticated understanding of developer workflows and of the trust relationships within the VS Code extension ecosystem, exploiting the implicit trust developers place in marketplace-distributed extensions.
After a deliberate 15-minute delay designed to outlast automated sandbox analysis, the malware activates its payload on the compromised macOS system. An AES-256-CBC encrypted payload embedded in compiled JavaScript then begins comprehensive credential theft, targeting GitHub access tokens, npm registry credentials, and OpenVSX marketplace authentication tokens. The harvesting extends to cryptocurrency wallet data held by several VS Code extensions commonly used by macOS developers.
GlassWorm establishes persistence on compromised macOS systems through LaunchAgents and AppleScript-based mechanisms, so the malware survives reboots and retains long-term access. It also provides remote control via VNC and SOCKS proxy connections, giving attackers comprehensive access to compromised macOS developer workstations.
Command-and-control traffic is routed through the Solana blockchain, which gives the malware decentralized, resilient C2 communications that are difficult to block or detect. The malware actively searches compromised macOS systems for hardware wallet applications, including Ledger Live and Trezor Suite, and systematically replaces the legitimate software with trojanized counterparts.
This hardware wallet trojanization lets attackers falsify the receiving addresses shown to users, alter transaction data before signing, capture seed phrases during wallet initialization or recovery, and intercept communications between the hardware wallet and the macOS host. It effectively undermines the security guarantees of air-gapped hardware wallet designs and represents a significant escalation in cryptocurrency theft capabilities aimed at macOS users.
Identify and uninstall all suspected GlassWorm extensions from compromised macOS development systems without delay. Treat any unverified or sideloaded VS Code extension as potentially compromised until a thorough security analysis proves otherwise. Organizations should immediately audit all installed VS Code extensions across their macOS developer workstations for potential GlassWorm infections.
Rotate every developer credential that may have been exposed on affected macOS machines, including GitHub access tokens, npm registry credentials, SSH private keys, and any cached authentication material stored in the macOS Keychain. This rotation is essential to prevent downstream compromise through harvested credentials; organizations should run emergency credential rotation procedures for every developer potentially affected.
Implement integrity monitoring on the temporary and staging directories the malware abuses, to detect unauthorized file creation or payload execution on macOS systems. Deploy filesystem monitoring specifically on VS Code extension directories and on the LaunchAgents locations GlassWorm uses for persistence. These filesystem controls can catch GlassWorm deployment patterns before full system compromise occurs.
Enhance endpoint detection on macOS to flag abnormal AppleScript activity characteristic of GlassWorm persistence, unauthorized access to macOS Keychain databases containing developer credentials, and development tools initiating unexpected network connections, particularly to the Solana blockchain-based endpoints used for command-and-control. Implement behavioral detection rules aimed at GlassWorm tradecraft, including the 15-minute activation delay and cryptocurrency wallet application replacement.
Malicious VS Code Extension IDs: studio-velte-distributor.pro-svelte-extension, cudra-production.vsce-prettier-pro, Puccin-development.full-access-catppuccin-pro-extension, codejoy.codejoy-vscode-extension@1.8.3, codejoy.codejoy-vscode-extension@1.8.4, l-igh-t.vscode-theme-seti-folder@1.2.3, kleinesfilmroellchen.serenity-dsl-syntaxhighlight@0.3.2, JScearcy.rust-doc-viewer@4.2.1, SIRILMP.dark-theme-sm@3.11.4, CodeInKlingon.git-worktree-menu@1.0.9, ginfuru.better-nunjucks@0.3.2, ellacrity.recoil@0.7.4, grrrck.positron-plus-1-e@0.0.71, jeronimoekerdt.color-picker-universal@2.8.91, srcery-colors.srcery-colors@0.3.9, sissel.shopify-liquid@4.0.1, TretinV3.forts-api-extention@0.3.1, cline-ai-main.cline-ai-agent@3.1.3
Solana C2 Wallets: BjVeAjPrSKFiingBn4vZvghsGj9KCE8AJVtbc9S8o8SC, 28PKnu7RzizxBzFPoLp69HLXp9bJL3JFtT2s5QzHsEA2
C2 IP Addresses: 45[.]32[.]151[.]157, 45[.]32[.]150[.]251, 217[.]69[.]11[.]60
Malicious URLs: hxxps[:]//calendar[.]app[.]google/M2ZCvM8ULL56PD1d6, hxxp[:]//217[.]69[.]3[.]218/qQD%2FJoi3WCWSk8ggGHiTdg%3D%3D, hxxp[:]//217[.]69[.]3[.]218/get_arhive_npm/, hxxp[:]//217[.]69[.]3[.]218/get_zombi_payload/
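An added audit script (written for this page, not the vendor's or any project's tooling) that applies two of the checks recommended above to the extensions installed on a macOS workstation: it matches each installed extension directory against the malicious extension IDs listed above, and scans each extension's JavaScript for invisible Unicode code points of the kind GlassWorm uses to hide code. The directory naming convention and the set of invisible code points are assumptions, since the page does not state them.

```python
import re
import sys
from pathlib import Path
# IoC extension IDs from this page, lowercased as publisher.name[@version]. Assumption:
# VS Code installs extensions as lowercased "publisher.name-version" directories.
MALICIOUS_IDS = {
    "studio-velte-distributor.pro-svelte-extension", "cudra-production.vsce-prettier-pro",
    "puccin-development.full-access-catppuccin-pro-extension", "ellacrity.recoil@0.7.4",
    "codejoy.codejoy-vscode-extension@1.8.3", "codejoy.codejoy-vscode-extension@1.8.4",
    "l-igh-t.vscode-theme-seti-folder@1.2.3", "jscearcy.rust-doc-viewer@4.2.1",
    "kleinesfilmroellchen.serenity-dsl-syntaxhighlight@0.3.2", "sirilmp.dark-theme-sm@3.11.4",
    "codeinklingon.git-worktree-menu@1.0.9", "ginfuru.better-nunjucks@0.3.2",
    "grrrck.positron-plus-1-e@0.0.71", "jeronimoekerdt.color-picker-universal@2.8.91",
    "srcery-colors.srcery-colors@0.3.9", "sissel.shopify-liquid@4.0.1",
    "tretinv3.forts-api-extention@0.3.1", "cline-ai-main.cline-ai-agent@3.1.3",
}
# Zero-width, bidi-control, BOM, soft-hyphen and Unicode "tag" code points (assumed set).
INVISIBLE = re.compile("[\u00ad\u200b-\u200f\u202a-\u202e\u2060-\u2064\u206a-\u206f"
                       "\ufeff\U000e0000-\U000e007f]")

def find_invisible(text):
    """Return (line, column, U+XXXX) for every invisible code point in text."""
    return [(ln, m.start() + 1, f"U+{ord(m.group()):04X}")
            for ln, line in enumerate(text.splitlines(), 1)
            for m in INVISIBLE.finditer(line)]

def known_malicious(dirname):
    """IoC ID matching an installed "publisher.name-version" directory, else None."""
    base, version = re.fullmatch(r"(.*?)(?:-(\d+(?:\.\d+)*))?", dirname.lower()).groups()
    for ioc in MALICIOUS_IDS:
        ioc_id, _, ioc_ver = ioc.partition("@")
        if base == ioc_id and ioc_ver in ("", version):  # unversioned IoC: any version
            return ioc
    return None

def audit(ext_root):
    """Walk an extensions directory; return {dirname: [findings]} for hits only."""
    report = {}
    for ext in sorted(p for p in Path(ext_root).iterdir() if p.is_dir()):
        findings = [f"matches IoC extension ID {ioc}"] if (ioc := known_malicious(ext.name)) else []
        for js in ext.rglob("*.js"):
            findings += [f"{js.relative_to(ext)}:{ln}:{col} invisible {cp}" for ln, col, cp
                         in find_invisible(js.read_text(encoding="utf-8", errors="replace"))]
        if findings:
            report[ext.name] = findings
    return report

if __name__ == "__main__":  # default: the current user's VS Code extensions directory
    root = sys.argv[1] if len(sys.argv) > 1 else Path.home() / ".vscode" / "extensions"
    for name, findings in audit(root).items():
        print(name, *findings, sep="\n  ")
```

A hit on an invisible code point is a signal to inspect, not proof of infection; minified bundles occasionally carry a BOM, but zero-width characters inside a code statement have no legitimate reason to be there.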