Tech »  Topic »  Dangerous new malware targets macOS devices via OpenVSX extensions - here's how to stay safe

Dangerous new malware targets macOS devices via OpenVSX extensions - here's how to stay safe

2 hours ago   techradar.com
(Image credit: Shutterstock)
  • GlassWorm malware campaign expanded from VS Code Marketplace to Open VSX
  • Four compromised extensions delivered macOS infostealer stealing browser data, wallets, and keychain info
  • Extensions downloaded 22,000 times; attackers excluded Russian systems, hinting at Russian origin

GlassWorm, the malware campaign which targeted VS Code developers on Microsoft’s official Visual Studio Code marketplace, has now expanded to open source alternatives, experts have claimed.

Recently, security researchers Socket said they discovered four extensions in Open VSX, an open, vendor-neutral marketplace for editor extensions (mainly used by developers who work with VS Code-compatible editors).

These extensions started off as benign, but have been compromised at one point, and used to deliver an infostealer to MacOS users in typical supply-chain attack style. Here is the list of the compromised extensions:


Copyright of this story solely belongs to techradar.com . To see the full text click HERE