Cybersecurity researchers have reported that dozens of Microsoft Visual Studio Code (VS Code) extensions on the Open VSX repository have been linked to a persistent information theft campaign called GlassWorm.
A cluster of 73 extensions has been confirmed to be cloned versions of legitimate extensions. Six of these are confirmed to be malicious, while the rest act as seemingly benign sleeper packages that trick users into downloading and building trust, with subsequent updates sometimes revealing their true intentions.
According to application security company Socket, all extensions were rolled out at the beginning of the month, with the latest iteration being tracked under the name GlassWorm v2. In total, over 320 artifacts were identified since December 21, 2025. Below is a list of extensions that have been identified as malicious.
Outsidestormcommand.monochromator-theme keyacrosslaud.auto-loop-for-antigravity krundoven.ironplc-fast-hub boulderzitunnel.vscode-buddies cubedivervolt.html-code-validate awarddomain17.version-lens-tool
In addition to typosquatting the names of the original packages (CEINTL.vscode-language-pack-tr and Emotionkyo Separate.turkish-language-pack), the cloned sleepers use the same icons and descriptions as their legitimate counterparts to trick unsuspecting developers into installing the extension.
This “visual trust” acts as an effective social engineering tactic to organically increase install numbers before being contaminated to provide malware to downstream users.
This disclosure comes as the attackers behind the campaign are actively evolving their techniques, focusing on sleeper packages and transitive dependencies to evade detection, while also using Zig-based droppers to deploy secondary VSIX extensions hosted on GitHub that can potentially infect all integrated development environments (IDEs) on a developer’s machine.
The extension identified by Socket acts as a benign loader for the actual payload. This is a VSIX extension retrieved from GitHub that is installed on all identified IDEs in your system, including VS Code, Cursor, Windsurf, and VSCodium, using the “–install-extension” command.
Regardless of the method used, the end goal is the same. It runs malware that evades Russian systems, steals sensitive data, installs remote access Trojans (RATs), and secretly deploys rogue Chromium-based extensions that siphon credentials, bookmarks, and other information.
“This approach achieves the same results as binary-based variants, but the delivery logic is kept in obfuscated JavaScript,” the company said. “The extension acts as a loader, and after activation, the payload is retrieved and executed.”
Source link
