GlassWorm: RAT, Fake Extension, and Cryptocurrency Theft
- 2 days ago
- 1 minute read
A new variant of the GlassWorm campaign has been identified. This new attack chain follows a multi-stage structure, enabling both extensive data exfiltration and the deployment of a Remote Access Trojan (RAT) on victim systems. According to the research, the malware also uses a fake Chrome extension that appears as Google Docs Offline to collect browser data and information related to cryptocurrency assets.

According to the report, GlassWorm operators typically gain initial access through malicious packages distributed via npm, PyPI, GitHub, and Open VSX. In some cases, compromised maintainer accounts are used to push poisoned updates to packages that were previously legitimate. One notable aspect of the campaign is the use of Solana blockchain transactions as a "dead drop resolver" to conceal command-and-control (C2) infrastructure: instead of hardcoding a C2 address, the malware reads it dynamically from data stored in on-chain transactions, so the address never appears in the package itself and the operators can rotate infrastructure without shipping a new version.
The report also notes that GlassWorm has recently expanded its tactics to target the MCP ecosystem, publishing malicious npm packages that impersonate the WaterCrawl MCP server. The researchers recommend that developers carefully verify publisher identities, package history, and trust indicators before installing Open VSX extensions, npm packages, and MCP servers. Additionally, an open-source tool called "glassworm-hunter" has been released to help detect indicators of this campaign.
For detailed information, you can reach out to our experts at info@zerosecond.com.ae