GlassWorm Malware Resurfaces, Targeting Hundreds of Repositories Across GitHub, npm, and VSCode
The **GlassWorm** supply-chain attack has returned with a vengeance, compromising hundreds of packages, repositories, and extensions across multiple platforms. Security researchers are sounding the alarm about the coordinated nature and broad scope of this campaign.

Researchers at **Aikido**, **Socket**, **Step Security**, and the **OpenSourceMalware** community have collectively identified 433 compromised components this month in attacks attributed to **GlassWorm**.
### Campaign Overview
Evidence suggests a single threat actor is behind the **GlassWorm** campaigns, utilizing the same **Solana** blockchain address for command-and-control (C2) activity, identical or functionally similar payloads, and shared infrastructure.
**GlassWorm** was first observed last October. Attackers employed "invisible" Unicode characters to conceal malicious code designed to harvest cryptocurrency wallet data and developer credentials.
The campaign expanded to **Microsoft**'s official **Visual Studio Code** marketplace and the **OpenVSX** registry, as discovered by Secure Annex researcher John Tuckner.
**macOS** systems were also targeted, first with trojanized **Trezor** and **Ledger** clients and later, aimed at developers, through compromised **OpenVSX** extensions.
### Scope of the Latest Attack
The latest **GlassWorm** attack wave is significantly more extensive, impacting:
* 200 **GitHub** Python repositories
* 151 **GitHub** JS/TS repositories
* 72 **VSCode/OpenVSX** extensions
* 10 **npm** packages
### Attack Vectors and Techniques
Initial compromise occurs on **GitHub**, where hijacked accounts are used to force-push malicious commits.
Malicious packages and extensions are then published on **npm** and **VSCode/OpenVSX**, featuring obfuscated code (invisible Unicode characters) to evade detection.

*Source: Aikido*
Across all platforms, the **Solana** blockchain is queried every five seconds for new instructions. According to **Step Security**, between November 27, 2025, and March 13, 2026, there were 50 new transactions, mostly to update the payload URL.
The instructions were embedded as memos in the transactions and led to downloading the **Node.js** runtime and executing a JavaScript-based information stealer.

*Source: Step Security*
The malware targets cryptocurrency wallet data, credentials, access tokens, SSH keys, and developer environment data.
### Attribution and Mitigation
Analysis of code comments suggests that Russian-speaking threat actors may be behind **GlassWorm**. The malware skips execution if the Russian locale is found on the system. However, this is insufficient for confident attribution.
**Step Security** advises developers who install Python packages directly from **GitHub** or run cloned repositories to check for signs of compromise by searching their codebase for the marker variable "lzcdrtfxyqiplpd", an indicator of the **GlassWorm** malware.

*Source: Step Security*
They also recommend inspecting systems for the presence of the *~/init.json* file, which is used for persistence, as well as unexpected **Node.js** installations in the home directory (e.g., ~/node-v22*).
Additionally, developers should look for suspicious *i.js* files in recently cloned projects and review **Git** commit histories for anomalies, such as commits where the committer date is significantly newer than the original author date.
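The checks above, gathered into one script as an added example (not code from Step Security or any of the cited researchers): it searches a cloned repository for the marker string and for *i.js* files, checks the home directory for *init.json* and a *node-v22\** directory, and parses `git log` author/committer timestamps to flag rewritten commits. The 30-day gap threshold and the `demo()` sample repository are assumptions constructed for illustration.

```python
import subprocess
import tempfile
from pathlib import Path

MARKER = "lzcdrtfxyqiplpd"         # marker variable cited by Step Security
DROPPER_NAME = "i.js"              # suspicious file name cited by Step Security
DATE_GAP = 30 * 24 * 3600          # assumed threshold: committer date > 30 days after author date

def scan_tree(root):
    """Find the marker string and i.js files under root (skips the .git directory)."""
    findings = []
    for path in Path(root).rglob("*"):
        if ".git" in path.parts or not path.is_file():
            continue
        if path.name == DROPPER_NAME:
            findings.append(("dropper", str(path)))
        if MARKER in path.read_text(errors="ignore"):
            findings.append(("marker", str(path)))
    return findings

def check_home(home):
    """Persistence artefacts: ~/init.json and a ~/node-v22* runtime directory."""
    home = Path(home)
    hits = [str(home / "init.json")] if (home / "init.json").exists() else []
    return hits + [str(p) for p in home.glob("node-v22*")]

def anomalous_commits(log_text, gap=DATE_GAP):
    """Parse `git log --format='%H %at %ct'`; flag commits whose committer date is far newer than the author date."""
    flagged = []
    for line in log_text.splitlines():
        sha, author_ts, commit_ts = line.split()
        if int(commit_ts) - int(author_ts) > gap:
            flagged.append(sha)
    return flagged

def demo():
    """Constructed sample repo and git log (not real artefacts) to exercise the checks offline."""
    root = Path(tempfile.mkdtemp())
    (root / "src").mkdir()
    (root / "src" / DROPPER_NAME).write_text("var " + MARKER + " = [];")
    (root / "src" / "app.py").write_text("print('clean')\n")
    (root / "init.json").write_text("{}")
    (root / "node-v22.0.0-linux-x64").mkdir()
    log = "deadbeef 1700000000 1700000000\ncafebabe 1700000000 1705000000\n"
    return scan_tree(root), check_home(root), anomalous_commits(log)

if __name__ == "__main__":
    repo = "."   # run from inside the cloned repository
    log = subprocess.run(["git", "-C", repo, "log", "--format=%H %at %ct"], capture_output=True, text=True).stdout
    print(scan_tree(repo), check_home(Path.home()), anomalous_commits(log))
```

A large committer-minus-author gap is the footprint of history rewritten long after the original commit, which is what a force-pushed malicious commit over an existing branch leaves behind; it is a triage signal, not proof on its own.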