GlassWorm Malware Abuses Open Source VS Code Extensions To Target Macs

Open VSX Marketplace Abused As GlassWorm Malware Targets macOS Developers Through Fake VS Code Extensions

GlassWorm malware is abusing the open source Open VSX marketplace to target macOS developers with fake VS Code extensions.

A new wave of the GlassWorm malware is actively targeting macOS developers, marking the first campaign phase focused exclusively on Macs and the fourth wave detected in just over two months.

The malware is being distributed through malicious Visual Studio Code extensions hosted on Open VSX, an open source alternative to Microsoft’s official VS Code extension marketplace. The campaign exploits trust in open source developer ecosystems by disguising malware as legitimate tools.

Security researchers at Koi Security identified three trojanised extensions on Open VSX that together showed more than 50,000 downloads, although researchers warned that download metrics can be manipulated to create false legitimacy. The extensions posed as common developer utilities, including code formatters and theme packs.

GlassWorm is engineered to steal cryptocurrency wallet data across browser-based and desktop wallets, along with GitHub and npm credentials, SSH keys, browser cookies, macOS Keychain passwords, source code, and developer credentials. The campaign primarily targets developers in cryptocurrency, Web3, and start-up environments, where macOS adoption is widespread.

First detected in October, GlassWorm initially hid malicious code using invisible Unicode characters. Later waves replaced this approach with compiled Rust binaries, expanding the malware’s capabilities. Despite multiple public disclosures, the attackers rapidly adapted their techniques.

“The GlassWorm actor isn’t just persistent, they’re evolving. And now they’re coming for your Mac,” Koi Security researchers said.

Unlike earlier Windows-focused variants, the latest version is purpose-built for macOS, using AppleScript, LaunchAgents for persistence, and direct macOS Keychain access. “This isn’t a lazy port. The attacker knows macOS. This is professional work,” Koi Security noted.

The malware uses AES-256-CBC encryption, delayed execution to evade sandbox detection, and the Solana blockchain for command-and-control, embedding server instructions in transaction memos. Researchers warn GlassWorm is evolving into a persistent, cross-platform supply chain threat.
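The macOS traits described above (LaunchAgent persistence, AppleScript execution, delivery through a VS Code extension) suggest a simple hunting check a defender can run. The following is an added example, not code from the article or from Koi Security; the heuristics it applies (osascript in the command line, a program path under a VS Code extensions directory, RunAtLoad combined with KeepAlive) and the sample plists are this example's own assumptions, not published indicators for GlassWorm.

```python
"""Flag macOS LaunchAgent plists whose traits match the GlassWorm TTPs
reported above.  Heuristics and sample plists are constructed for this
example; they are not indicators published for the campaign."""
import plistlib
from pathlib import Path

# Assumed on-disk locations of VS Code / VSCodium extension folders.
VSCODE_EXT_DIRS = (".vscode/extensions", ".vscode-oss/extensions")


def launchagent_findings(plist_bytes: bytes) -> list[str]:
    """Return the suspicious traits found in one LaunchAgent plist."""
    try:
        plist = plistlib.loads(plist_bytes)
    except Exception:
        return ["unparseable plist"]
    args = list(plist.get("ProgramArguments") or [])
    if isinstance(plist.get("Program"), str):
        args.insert(0, plist["Program"])
    cmdline = " ".join(str(a) for a in args)
    findings = []
    if "osascript" in cmdline:
        findings.append("runs AppleScript via osascript")
    if any(d in cmdline for d in VSCODE_EXT_DIRS):
        findings.append("program lives under a VS Code extensions directory")
    if "/tmp/" in cmdline:
        findings.append("program lives under a temporary directory")
    if plist.get("RunAtLoad") and plist.get("KeepAlive"):
        findings.append("RunAtLoad + KeepAlive (relaunches if killed)")
    return findings


def audit_directory(directory: Path) -> dict[str, list[str]]:
    """Map each flagged plist file name in a directory to its findings."""
    return {p.name: f for p in directory.glob("*.plist")
            if (f := launchagent_findings(p.read_bytes()))}


# Constructed sample: an agent that runs a script shipped inside an extension.
SUSPICIOUS_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
<key>Label</key><string>com.example.updater</string>
<key>ProgramArguments</key><array><string>/usr/bin/osascript</string>
<string>/Users/dev/.vscode/extensions/example-theme-1.0.0/out/update.scpt</string></array>
<key>RunAtLoad</key><true/><key>KeepAlive</key><true/></dict></plist>"""

# Constructed sample: an ordinary scheduled job that should not be flagged.
BENIGN_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict><key>Label</key><string>com.example.backup</string>
<key>ProgramArguments</key><array><string>/usr/local/bin/backup</string></array>
<key>StartInterval</key><integer>3600</integer></dict></plist>"""

if __name__ == "__main__":
    for name, hits in audit_directory(Path.home() / "Library/LaunchAgents").items():
        print(name, "->", "; ".join(hits))
```

Run it on a workstation to list user LaunchAgents worth a closer look; a hit is a lead for manual review, not a verdict.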
