Open VSX Downplays Impact From GlassWorm Campaign

Open VSX fully contained the GlassWorm attacks and says it was not a self-replicating worm in the traditional sense.

Open VSX fully contained the GlassWorm attacks and says it was not a self-replicating worm in the traditional sense.

The GlassWorm campaign that infected VS Code extensions in the Open VSX marketplace has been fully contained, the Open VSX team says.

Maintained by the Eclipse Foundation, the Open VSX registry is an open source alternative to Microsoft’s Visual Studio Marketplace, providing developers with a server application for the management of VS Code extensions.

On October 18, Koi Security warned of GlassWorm, a campaign targeting Visual Studio developers with an information stealer, through malicious extensions distributed on Open VSX.

The extensions, estimated to have been downloaded nearly 36,000 times, had been injected with code hidden using Unicode variation selectors, so that it would not be visible in code editors.

The malware, dubbed GlassWorm, could steal sensitive information such as credentials, drain funds from cryptocurrency wallets, deploy SOCKS proxy servers, and install hidden VNC servers for remote access to the infected systems.

Additionally, Koi warned, it was self-propagating, using the stolen developer credentials to infect additional packages and extensions.

According to the Open VSX team, GlassWorm “was not a self-replicating worm in the traditional sense”, as it could not autonomously propagate through systems. Instead, it stole credentials that could be used to extend the attacker’s reach.

Open VSX has removed all the malicious extensions from the marketplace and considers the incident to have been fully contained on October 21. Its impact, the team says, was likely lower than estimated, as the reported download count also includes bot downloads, meant to inflate the extensions’ visibility.

“There is no indication of ongoing compromise or remaining malicious extensions on the platform,” the Open VSX team says.

This month, the team also revoked publisher tokens that several extensions had inadvertently exposed and that could have been used to publish or modify extensions.

“These exposures were caused by developer mistakes, not a compromise of the Open VSX infrastructure. To improve detection going forward, we introduced a token prefix format in collaboration with MSRC to enable easier and more accurate scanning for exposed tokens across public repositories,” the team notes.

Additionally, the team implemented shorter default validity periods for tokens, improved internal processes to make token revocation faster, and implemented automated security scanning of all extensions at the time of publication, to detect malicious code and embedded secrets from the start.
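Two of the checks described above (invisible code hidden in runs of Unicode variation selectors, and publisher tokens left inside an extension's files) can be illustrated with a small pre-publication scanner. The following is an added example written for this article, not Open VSX's own scanner or Koi Security's analysis tooling; the `ovsx_` token prefix it looks for is an assumption for illustration, since the article does not state the real prefix format, and the sample files are constructed.

```python
"""Pre-publication scan for two issues from the GlassWorm story: source
hidden in runs of Unicode variation selectors, and publisher tokens leaked
inside an extension's files. Example code, not Open VSX's implementation."""
import re

# Unicode variation selectors: VS1-VS16 (U+FE00..U+FE0F) and
# VS17-VS256 (U+E0100..U+E01EF). Editors render them as nothing.
VARIATION_SELECTOR_RANGES = ((0xFE00, 0xFE0F), (0xE0100, 0xE01EF))
# Other zero-width format characters that are also invisible in editors.
ZERO_WIDTH = {0x200B, 0x200C, 0x200D, 0x2060, 0xFEFF}

# Hypothetical prefixed-token format. The article says Open VSX added a
# prefix to make scanning easier but does not give it; "ovsx_" followed
# by 32 alphanumerics is an assumption made for this example only.
TOKEN_RE = re.compile(r"ovsx_[A-Za-z0-9]{32}")


def is_invisible(ch):
    """True if the character renders as nothing in a typical code editor."""
    cp = ord(ch)
    if cp in ZERO_WIDTH:
        return True
    return any(lo <= cp <= hi for lo, hi in VARIATION_SELECTOR_RANGES)


def find_hidden_runs(text, min_run=4):
    """Return (line_number, column, run_length) for every run of at least
    `min_run` consecutive invisible characters. A single selector after an
    emoji is legitimate text; long runs inside source code are not."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        col = 0
        while col < len(line):
            if is_invisible(line[col]):
                start = col
                while col < len(line) and is_invisible(line[col]):
                    col += 1
                if col - start >= min_run:
                    findings.append((lineno, start, col - start))
            else:
                col += 1
    return findings


def find_tokens(text):
    """Return (line_number, token) for every string matching the assumed
    prefixed-token format."""
    return [(text.count("\n", 0, m.start()) + 1, m.group())
            for m in TOKEN_RE.finditer(text)]


def review_extension(files):
    """files: mapping of path -> file text. Returns human-readable findings;
    an empty list means the package passed both checks."""
    report = []
    for path, text in files.items():
        for lineno, col, length in find_hidden_runs(text):
            report.append(f"{path}:{lineno}:{col}: {length} invisible "
                          f"characters (possible hidden payload)")
        for lineno, tok in find_tokens(text):
            report.append(f"{path}:{lineno}: publisher token {tok[:8]}... "
                          f"embedded in package")
    return report


# Constructed sample package: a clean file, a file carrying a run of
# variation selectors after a comment, and a config leaking a fake token.
SAMPLE_FILES = {
    "extension.js": "function activate(ctx) {\n  console.log('hello');\n}\n",
    "helper.js": ("const x = 1; // ok"
                  + "\ufe00\ufe01\ufe0f\U000e0100\U000e0101\U000e01ef"
                  + "\nmodule.exports = x;\n"),
    "config.json": '{\n  "token": "ovsx_' + "A" * 32 + '"\n}\n',
}

if __name__ == "__main__":
    for line in review_extension(SAMPLE_FILES):
        print(line)
```

The run threshold matters: a lone variation selector is how many emoji are encoded, so flagging every occurrence would bury reviewers in false positives, while a run of several in a code file has no legitimate reason to exist. The token check is only as good as the prefix it keys on, which is exactly why a distinctive prefix format makes public-repository scanning tractable.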

Related: SBOM Pioneer Allan Friedman Joins NetRise to Advance Supply Chain Visibility

Related: Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit

Related: Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack

Related: AI Supply Chain Attack Method Demonstrated Against Google, Microsoft Products

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.