Feb 03, 2026
GlassWorm Malware Targets macOS Developers Through Compromised OpenVSX Extensions
Attackers compromised legitimate developer extensions to deploy information-stealing malware that harvests passwords, cryptocurrency wallets, and authentication secrets from macOS systems.
If you develop on macOS and use Visual Studio Code with extensions from OpenVSX, your passwords, cryptocurrency wallets, and authentication credentials may have been stolen.
Security researchers have uncovered a malware campaign called GlassWorm that distributed information-stealing malware through compromised code editor extensions. The attackers hijacked a legitimate developer account and pushed malicious updates to four popular extensions, affecting an estimated 22,000 downloads before the attack was discovered.
The malicious updates were distributed on January 30, 2026, giving the malware nearly a week to spread before security teams detected it.
The Compromised Extensions
The attack targeted four extensions published under the legitimate developer account "oorzc" on OpenVSX, an open-source alternative to Microsoft's Visual Studio Code marketplace:
- oorzc.ssh-tools v0.5.1 (completely delisted due to multiple malicious versions)
- oorzc.i18n-tools-plus v1.6.8
- oorzc.mind-map v1.0.61
- oorzc.scss-to-css-compile v1.3.4
The attackers gained access to the legitimate developer's account and pushed updates containing hidden malicious code. Users who had automatic updates enabled would have received the compromised versions without any warning.
Invisible Malicious Code
GlassWorm uses a clever obfuscation technique to hide its malicious payload. The attackers embedded harmful code using invisible Unicode characters that appear as blank space in code editors but execute normally when the extension runs.
This technique makes manual code review nearly useless. Even a developer carefully examining the extension's source code might miss the malicious payload entirely because it literally cannot be seen.
The obfuscation allowed the malicious updates to pass initial scrutiny and reach thousands of users before security tools detected the threat.
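A scanner for the class of hidden content described above, added here as an illustration (it is not code from the GlassWorm analysis or from any of the affected extensions): it reports every invisible Unicode codepoint in a source file and, more usefully, long runs of them, which is the shape an encoded payload takes while a stray joiner in an emoji literal is not. The codepoint ranges treated as invisible are an assumption for this example; adjust them for the editors and fonts you care about.

```python
import unicodedata
from typing import List, Tuple

# Ranges that render as nothing (or a blank) in most editors. Variation selectors
# are category Mn, so they are listed here; zero-width spaces/joiners, bidi controls
# and tag characters are Cf and private-use codepoints Co, caught by category below.
INVISIBLE_RANGES = (
    (0xFE00, 0xFE0F),    # Variation Selectors
    (0xE0100, 0xE01EF),  # Variation Selectors Supplement
    (0x3164, 0x3164),    # Hangul Filler
)

def is_invisible(ch: str) -> bool:
    cp = ord(ch)
    if any(lo <= cp <= hi for lo, hi in INVISIBLE_RANGES):
        return True
    return unicodedata.category(ch) in ("Cf", "Co")

def find_invisible(text: str) -> List[Tuple[int, int, str]]:
    """Return (line, column, 'U+XXXX NAME') for every invisible codepoint in text."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for col, ch in enumerate(line, start=1):
            if is_invisible(ch):
                hits.append((lineno, col, f"U+{ord(ch):04X} {unicodedata.name(ch, '<unnamed>')}"))
    return hits

def suspicious_runs(text: str, min_run: int = 8) -> List[Tuple[int, int]]:
    """Return (line, run_length) for maximal runs of at least min_run invisible codepoints.
    A joiner in an emoji literal is one or two characters; an encoded payload is hundreds."""
    runs = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        run = 0
        for ch in line + "\n":  # newline is category Cc, so it flushes a trailing run
            if is_invisible(ch):
                run += 1
                continue
            if run >= min_run:
                runs.append((lineno, run))
            run = 0
    return runs

# Constructed sample (not from any real extension): line 2 hides a 16-codepoint
# variation-selector run inside a string literal, line 3 holds one zero width joiner.
SAMPLE = (
    "const greeting = 'hello';\n"
    "const data = '" + "".join(chr(0xE0100 + i) for i in range(16)) + "';\n"
    "const emoji = '\u200d';\n"
)
```

To review an extension, read each .js file with `errors="replace"` and run `suspicious_runs` over it; a hit in a file that a human reviewer saw as harmless is exactly the case the article describes.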
What GlassWorm Steals
Once installed, GlassWorm aggressively harvests sensitive data from the infected macOS system. The stolen information includes:
- Browser data from Firefox and Chromium-based browsers
- Cryptocurrency wallet extensions and applications
- macOS keychain credentials (your saved passwords)
- Apple Notes databases
- Safari cookies
- Developer authentication secrets and configurations
- Local filesystem documents
All stolen data is exfiltrated to an attacker-controlled server. For developers, this could mean compromised cloud credentials, API keys, and access to production systems.
Persistent Remote Access
Beyond data theft, GlassWorm establishes persistent backdoor access to infected systems. The malware installs itself as a LaunchAgent on macOS, ensuring it runs automatically whenever the user logs in.
The backdoor supports VNC-based remote access, allowing attackers to view and control the infected computer's screen. It also includes SOCKS proxy functionality, which lets attackers route their network traffic through the victim's machine, potentially using it for further attacks.
This persistence mechanism means removing the malicious extension alone is not sufficient. The malware continues running independently of the code editor.
Russian Locale Exclusion
Security researchers noted an interesting detail in the malware's code: GlassWorm deliberately excludes systems configured with Russian locale settings. When the malware detects a Russian language configuration, it terminates without executing its payload.
This behavior is a common indicator of attackers operating from Russia or former Soviet states, where criminals often code their malware to avoid infecting local systems. The technique helps them avoid attention from local law enforcement while freely targeting victims in other countries.
The targeting of macOS specifically suggests the attackers were after higher value developer targets, as macOS usage is higher among software developers than the general population.
How to Check If You're Affected
If you use Visual Studio Code with extensions from OpenVSX, check whether any of the affected extensions are installed. Open VS Code, navigate to Extensions, and search for extensions published by "oorzc".
If you had any of these extensions installed around January 30, 2026 or later, assume your system is compromised and take immediate action:
- Uninstall the affected extensions immediately
- Check for and remove any suspicious LaunchAgents in ~/Library/LaunchAgents/
- Rotate all passwords stored in your macOS keychain
- Reset authentication credentials for all development services
- Transfer cryptocurrency from any wallets that may have been accessed
- Review recent activity on cloud services and code repositories
- Consider a full system reinstall for maximum security
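One way to carry out the LaunchAgents check from the list above, as an added example that is not from the original article: it parses each plist in ~/Library/LaunchAgents/ and reports the traits worth a second look (a program or argument in a temp, shared or hidden directory, an interpreter launched directly, RunAtLoad combined with KeepAlive). The heuristics and the sample plist are constructed for this example, not indicators from the GlassWorm campaign.

```python
import plistlib
from pathlib import Path

# Locations where a persistence binary is unusual for a legitimate LaunchAgent.
SUSPICIOUS_DIRS = ("/tmp/", "/private/tmp/", "/var/folders/", "/Users/Shared/")
# Interpreters commonly used to run a script payload straight from a LaunchAgent.
INTERPRETERS = {"sh", "bash", "zsh", "python", "python3", "node", "osascript", "curl"}

def assess_launch_agent(plist_bytes: bytes) -> dict:
    """Parse one LaunchAgent plist and return its label, program and triage reasons.
    An empty reasons list means nothing stood out, not that the agent is benign."""
    plist = plistlib.loads(plist_bytes)
    args = list(plist.get("ProgramArguments") or [])
    program = plist.get("Program") or (args[0] if args else "")
    reasons = []
    if not program:
        reasons.append("no Program or ProgramArguments")
    # Check every argument, not just argv[0]: 'bash -c /path/script' hides the payload there.
    for arg in [program] + args[1:]:
        if arg.startswith(SUSPICIOUS_DIRS):
            reasons.append(f"path in temp/shared directory: {arg}")
        elif any(p.startswith(".") and p not in (".", "..") for p in Path(arg).parts):
            reasons.append(f"path inside a hidden directory: {arg}")
    if Path(program).name in INTERPRETERS:
        reasons.append(f"interpreter launched directly: {' '.join([program] + args[1:])}")
    if plist.get("RunAtLoad") and plist.get("KeepAlive"):
        reasons.append("RunAtLoad + KeepAlive: relaunched if the process is killed")
    return {"label": plist.get("Label", "<no label>"), "program": program, "reasons": reasons}

def scan_launch_agents(directory: Path = Path.home() / "Library" / "LaunchAgents") -> list:
    """Assess every plist in a LaunchAgents folder (default: the current user's)."""
    results = []
    for path in sorted(Path(directory).glob("*.plist")):
        try:
            info = assess_launch_agent(path.read_bytes())
        except Exception as exc:  # a malformed plist is itself worth a look
            info = {"label": path.name, "program": "", "reasons": [f"unparseable: {exc}"]}
        info["path"] = str(path)
        results.append(info)
    return results

# Constructed sample for demonstration; label and paths are made up, not GlassWorm indicators.
SAMPLE_PLIST = plistlib.dumps({
    "Label": "com.example.updater",
    "ProgramArguments": ["/bin/bash", "-c", "/Users/Shared/.cache/agent"],
    "RunAtLoad": True,
    "KeepAlive": True,
})
```

Anything flagged still needs a manual look at the referenced program before you unload and delete it, and the same check is worth running over /Library/LaunchAgents and /Library/LaunchDaemons.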
Eclipse Foundation Response
The Eclipse Foundation, which operates OpenVSX, has taken action against the compromised account. They revoked all unauthorized tokens, removed the malicious extension releases, and completely delisted the ssh-tools extension due to multiple malicious versions.
The swift response limited the damage, but for users who installed updates during the attack window, the malware was already deployed.
Protecting Your Development Environment
This attack continues a troubling trend of supply chain compromises targeting developer tools. Browser extensions, IDE plugins, and package managers have all become targets because developers often grant these tools extensive system access.
To reduce your risk:
- Disable automatic extension updates and review changes before installing
- Prefer extensions from official marketplaces with stronger verification
- Use a dedicated development machine with limited access to production credentials
- Store sensitive credentials in hardware security keys rather than software managers
- Monitor extension changelogs for unexpected updates from new maintainers
The tools developers rely on daily have become high-value targets. When a single compromised extension can steal credentials, cryptocurrency, and provide remote access to your system, every extension deserves careful scrutiny before installation.