Open VSX Downplays Impact From GlassWorm Campaign
securityweek
The GlassWorm campaign that infected VS Code extensions in the Open VSX marketplace has been fully contained, the Open VSX team says.
Maintained by the Eclipse Foundation, the Open VSX registry is an open source alternative to Microsoft’s Visual Studio Marketplace, providing developers with a server application for the management of VS Code extensions.
On October 18, Koi Security warned of GlassWorm, a campaign targeting Visual Studio developers with an information stealer, through malicious extensions distributed on Open VSX.
The extensions, estimated to have been downloaded nearly 36,000 times, had been injected with code hidden using Unicode variation selectors, so that it would not be visible in code editors.
The malware, dubbed GlassWorm, could steal sensitive information such as credentials, drain funds from cryptocurrency wallets, deploy SOCKS proxy servers, and install hidden VNC servers for remote access to the infected systems.
Additionally, Koi warned, it was self-propagating, using ...
Copyright of this story solely belongs to securityweek . To see the full text click HERE