Cybersecurity researchers have uncovered a large-scale malicious campaign involving fake extensions targeting developers through Visual Studio Code. The operation is linked to an evolving malware strain known as GlassWorm v2.
Malicious Extensions Hidden in Open VSX
The fraudulent extensions were discovered on the Open VSX platform, where attackers uploaded cloned versions of legitimate tools.
A total of 73 extensions were identified in this campaign. While only a small number were immediately harmful, the majority were designed as “sleeper” packages, appearing safe initially and gaining user trust before turning malicious through later updates.
Social Engineering Through Visual Deception
Attackers replicated the appearance of real extensions by copying:
- Names similar to trusted packages
- Identical icons and descriptions
- Functional features to appear legitimate
This method, often referred to as typosquatting, increases the likelihood that developers will unknowingly install compromised extensions.
Multi-Stage Malware Delivery
The extensions act as loaders rather than direct threats. Once installed and activated, they retrieve a second-stage payload from external sources.
This payload is delivered as a VSIX package and automatically installed across multiple development environments on the system.
Cross-IDE Infection Capability
One of the most concerning aspects of this campaign is its ability to spread across different IDEs, including:
- Visual Studio Code
- Cursor
- Windsurf
- VSCodium
This ensures that the malware maintains persistence even if one development environment is removed.
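A defender-side inventory check for the two traits described above (cloned, near-identical extension names and one untrusted extension id appearing in several IDEs at once), written as an added example rather than code from the article or the researchers. The extension directories for VS Code, Cursor, Windsurf and VSCodium are assumptions to confirm on your own hosts, and the sample inventory and allowlist are constructed.

```python
import difflib
import json
import os
from pathlib import Path

# Assumed default extension directories; confirm them on your own hosts.
IDE_EXTENSION_DIRS = {
    "vscode": "~/.vscode/extensions",
    "cursor": "~/.cursor/extensions",
    "windsurf": "~/.windsurf/extensions",
    "vscodium": "~/.vscode-oss/extensions",
}

def load_installed(dirs=IDE_EXTENSION_DIRS):
    """Read every extension's package.json -> {ide: {"publisher.name", ...}}."""
    installed = {ide: set() for ide in dirs}
    for ide, d in dirs.items():
        for manifest in Path(os.path.expanduser(d)).glob("*/package.json"):
            try:
                meta = json.loads(manifest.read_text(encoding="utf-8"))
            except (OSError, ValueError):
                continue  # unreadable manifest; a production scan should log it
            installed[ide].add(f"{meta.get('publisher', '')}.{meta.get('name', '')}".lower())
    return installed

def find_suspicious(installed, allowlist, threshold=0.9):
    """Return (reason, ext_id, ides): 'lookalike' for ids nearly identical to a
    trusted id, 'cross-ide' for untrusted ids installed in two or more IDEs."""
    trusted = {t.lower() for t in allowlist}
    where = {}  # ext_id -> IDEs it is installed in
    for ide, exts in installed.items():
        for ext_id in exts:
            where.setdefault(ext_id, []).append(ide)
    findings = []
    for ext_id, ides in sorted(where.items()):
        if ext_id in trusted:
            continue
        if any(difflib.SequenceMatcher(None, ext_id, t).ratio() >= threshold for t in trusted):
            findings.append(("lookalike", ext_id, sorted(ides)))
        if len(ides) >= 2:
            findings.append(("cross-ide", ext_id, sorted(ides)))
    return findings

# Constructed sample (not real data): one near-miss of a trusted id, one unknown id in three IDEs.
SAMPLE_INVENTORY = {
    "vscode": {"ms-python.python", "esbemp.prettier-vscode", "acme.helper"},
    "cursor": {"esbemp.prettier-vscode", "acme.helper"},
    "windsurf": {"acme.helper"},
}
SAMPLE_ALLOWLIST = ["ms-python.python", "esbenp.prettier-vscode"]
```

Run `find_suspicious(SAMPLE_INVENTORY, SAMPLE_ALLOWLIST)` to see both finding types on the sample, or `find_suspicious(load_installed(), your_allowlist)` against a real machine; an allowlist built from your organisation's approved extension ids is what makes the lookalike check meaningful.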
Advanced Malware Functionality
The GlassWorm v2 malware is designed with multiple capabilities:
- Theft of sensitive developer data
- Deployment of a remote access trojan (RAT)
- Installation of a malicious browser extension
- Collection of credentials, bookmarks, and system information
The malware also includes logic to avoid execution on systems located in certain regions, indicating targeted behavior.
Evasion Techniques
Threat actors are continuously improving their techniques to avoid detection. In this campaign, they:
- Use obfuscated JavaScript instead of traditional binaries
- Employ Zig-based droppers for payload delivery
- Rely on trusted platforms like GitHub for hosting malicious components
These strategies make it harder for security tools to identify malicious activity.
Growing Scale of the Campaign
Researchers have linked this activity to a broader operation that has produced more than 300 malicious artifacts since late 2025.
The shift toward sleeper extensions and indirect payload delivery highlights a more sophisticated and persistent threat landscape targeting developers.
Security Risks for Developers
Developers are particularly vulnerable because extensions often have high-level access to codebases, credentials, and system resources.
A single compromised extension can expose:
- Source code
- API keys and tokens
- Cloud credentials
- Development workflows