VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

GlassWorm v2: 73 Fake VS Code Extensions on Open VSX

GlassWorm v2: 73 поддельных расширения VS Code на Open VSX

Colleagues — please note a cybersecurity incident: GlassWorm v2 was found leveraging counterfeit VS Code extensions on Open VSX.

Key points:
- Socket identified 73 cloned packages; 6 confirmed malicious, the remainder are dormant downloaders.
- Adversaries employ typosquatting, clone icons/descriptions and use Zig droppers to fetch VSIX from GitHub, installing via --install-extension.
- Objectives: data theft, RAT deployment and injection of a malicious Chromium extension; authors avoid Russian systems.

Why it matters: trusted extensions can compromise developer environments.

Recommendations: restrict extensions, verify sources, and monitor unexpected VSIX installs.

How do you protect your dev environments from such attacks?

#cybersecurity #supplychain #DevSecOps #VSCode

Latest comments

No comments yet.