Your VS Code Extensions May Be Spreading a New Virus

Developers are facing a new and deeply alarming threat that targets the very tools they use every day. Cybersecurity researchers at Koi Security have uncovered an advanced, self-spreading worm that is infecting extensions for Visual Studio Code (VS Code), one of the world’s most popular code editors.

This malicious campaign, nicknamed GlassWorm, is designed to spread itself from one developer to another, creating a chain reaction that could infect the entire software development community. It marks the second major attack on the developer supply chain in just one month, following a similar worm that targeted the npm JavaScript ecosystem in September.

This isn’t just a simple virus; it’s a highly sophisticated attack with multiple goals, including stealing credentials, draining cryptocurrency wallets, and turning developers’ computers into remote-controlled zombies for criminal activities.

A New Kind of Attack Hiding in Plain Sight

What makes GlassWorm so dangerous is the collection of clever tricks it uses to spread and stay hidden. The attackers have found ways to make their infrastructure nearly impossible to shut down and to hide their malicious code from even a careful developer.

First, the worm uses the Solana blockchain to get its instructions. Instead of connecting to a normal web server—which could be easily identified and blocked—the malware checks a public blockchain for transactions linked to an attacker’s wallet. It then reads tiny, hidden messages left in the “memo field” of a transaction. This message tells the malware which secret server to contact next to download the main part of the attack.

If that fails, the worm has a backup plan: it checks a public Google Calendar event, where the attackers have hidden the very same secret server address in the event’s description.

Second, the attackers hide their code using “invisible” Unicode characters. As researcher Idan Dardikman explained, these are special characters that are part of the official Unicode standard but produce no visual output. When a developer opens a file to inspect the code, the malicious parts are literally invisible in the editor, making a manual check useless.
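As an added defensive example (not code from the article or from Koi Security's research), the following Python scanner flags source characters that produce no visual output: Unicode format characters (general category Cf, which covers zero-width spaces, bidi controls and the "tag" block) plus variation selectors. The article does not state which characters GlassWorm uses, so the sample extension source below, with its embedded zero-width space and tag characters, is constructed, and the tag-to-ASCII decoder is an assumption about one common way such characters carry hidden text.

```python
import unicodedata
from typing import List, Tuple

# Variation selectors are category Mn, not Cf, but render as nothing; add them explicitly.
EXTRA_INVISIBLE = set(range(0xFE00, 0xFE10)) | set(range(0xE0100, 0xE01F0))
# Soft hyphen is Cf but routinely appears in benign prose; do not flag it.
ALLOWED = {0x00AD}


def is_invisible(ch: str) -> bool:
    """True for characters an editor draws as nothing (Cf or a variation selector)."""
    cp = ord(ch)
    if cp in ALLOWED:
        return False
    return unicodedata.category(ch) == "Cf" or cp in EXTRA_INVISIBLE


def find_invisible(source: str) -> List[Tuple[int, int, str]]:
    """Return (line, column, 'U+XXXX NAME') for every invisible character in source."""
    hits = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        for col, ch in enumerate(line, start=1):
            if is_invisible(ch):
                name = unicodedata.name(ch, "<unnamed>")
                hits.append((lineno, col, f"U+{ord(ch):04X} {name}"))
    return hits


def decode_tag_chars(source: str) -> str:
    """Assumption: hidden text encoded as Unicode TAG characters (U+E0020..U+E007E);
    map each back to its ASCII counterpart so an analyst can read it."""
    return "".join(
        chr(ord(c) - 0xE0000) if 0xE0020 <= ord(c) <= 0xE007E else c for c in source
    )


# Constructed sample: looks like two plain lines of an extension's JavaScript,
# but line 2 ends in a zero-width space and line 3 carries two tag characters.
SAMPLE = (
    "const token = process.env.NPM_TOKEN;\n"
    "module.exports = { token };\u200b\n"
    "// harmless comment\U000E0041\U000E0042\n"
)

if __name__ == "__main__":
    for lineno, col, desc in find_invisible(SAMPLE):
        print(f"line {lineno} col {col}: {desc}")
    print("decoded tags:", repr(decode_tag_chars(SAMPLE.splitlines()[2])))
```

Run it over the unpacked contents of an extension package before installing; any hit in a .js file deserves a closer look, since legitimate code rarely needs these characters.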

How the Worm Spreads and What It Steals

The attack has already been found in 14 different VS Code extensions. Thirteen of these were on the popular Open VSX Registry, and one was even found on the official Microsoft Extension Marketplace. Together, these poisoned extensions have been downloaded nearly 36,000 times, with the first wave of infections hitting on October 17, 2025.

The worm’s primary goal is to steal a developer’s keys to the kingdom. Once active, it hunts for credentials for npm, Open VSX, GitHub, and Git.

This is the “worm” part of the attack. After stealing these credentials, the attackers immediately use them to hijack other packages and extensions that the developer maintains, injecting the GlassWorm virus into them. This automatically pushes the malicious code to all the users of those newly infected extensions, allowing the worm to spread exponentially without any further action from the attackers.

But the attack doesn’t stop there. The payload it downloads is a powerful information stealer. It is programmed to find and drain 49 different types of cryptocurrency wallet extensions. It also secretly installs tools that give the attackers complete control over the infected machine.

These tools include a hidden remote-access server (HVNC), allowing the criminal to see and control the developer’s computer. It also installs a SOCKS proxy, which effectively turns the developer’s computer into a relay for the attacker, who can then use it to launch other crimes while hiding their own location.

A “Self-Sustaining” Threat to the Software World

The problem is made even worse by a standard feature of VS Code: automatic updates. Because extensions are set to auto-update by default, developers who had one of the 14 extensions installed likely received the malicious update automatically, without ever having to click a button or approve a download.

Security experts are warning that this represents a new and dangerous evolution in software supply chain attacks. “This isn’t a one-off supply chain attack,” Dardikman stated. “It’s a worm designed to spread through the developer ecosystem like wildfire.”

The attackers have figured out how to build malware that is “self-sustaining.” They are no longer just hacking individual projects one by one. They are building automated weapons that can spread on their own through the entire software development world. This shift to using decentralized, hard-to-block technologies like blockchain for controlling malware is a growing trend, one that makes these new attacks far more persistent and difficult to stop.