GlassWorm v2: Threat Intelligence & Infection Diagnosis

2026-04-28

Last Updated: April 28, 2026

This document provides a comprehensive blacklist of compromised extensions and a technical guide for identifying active infections on developer workstations.

Who Was Targeted?

The GlassWorm v2 campaign was not aimed at end users or enterprises directly — it targeted software developers specifically, using the Open VSX marketplace as its delivery vector. This is significant: while the official VS Code Marketplace has more rigorous vetting, Open VSX is the default extension source for alternative IDEs including VSCodium, Cursor, and Windsurf, making their userbases disproportionately exposed.

Analysing the 73 extensions in the cluster reveals several distinct developer profiles in the threat actor's crosshairs:

  • General developers using alternative IDEs — The primary target. Anyone running VSCodium, Cursor, or Windsurf who installs extensions from Open VSX without verifying publisher namespaces.
  • Front-end developers — Targeted via fake Prettier clones (vsce-prettier-pro) and HTML validation tools (cubedivervolt.html-code-validate), impersonating widely-used front-end tooling.
  • Industrial & ICS/PLC engineers — Specifically targeted through krundoven.ironplc-fast-hub, a clone of the legitimate IronPLC extension used in industrial control system development.
  • Localization & internationalization teams — Targeted via Emotionkyoseparate.turkish-language-pack, a typosquatted clone of Microsoft's official Turkish language pack.
  • Developers who manage dependencies or version tracking — Targeted via winnerdomain17.version-lens-tool, impersonating a popular dependency management extension.

It is worth noting that the GlassWorm campaign has previously targeted macOS users with trojanized crypto wallet clients, and credential theft — including SSH keys, access tokens, and developer environment data — remains a consistent objective across all variants.


01. Comprehensive Extension Blacklist

If any of the following identifiers are found in your extension library, your environment is considered compromised [1].

A. Confirmed Malicious Loaders

Extension Identifier (Full ID)                 Disguised Purpose
outsidestormcommand.monochromator-theme        Theme
keyacrosslaud.auto-loop-for-antigravity        Productivity
krundoven.ironplc-fast-hub                     Industrial Tools
boulderzitunnel.vscode-buddies                 Social Coding
cubedivervolt.html-code-validate               Linter
winnerdomain17.version-lens-tool               Dependency Management
Emotionkyoseparate.turkish-language-pack       Localization

B. High-Risk Publisher IDs (The 73-Artifact Cluster)

The following publishers are associated with the GlassWorm v2 "sleeper" campaign. Avoid all extensions from these accounts [1][2]:

  • outsidestormcommand
  • keyacrosslaud
  • krundoven
  • boulderzitunnel
  • cubedivervolt
  • winnerdomain17
  • Emotionkyoseparate
  • angular-studio
  • crotoapp
  • gvotcha
  • mswincx
  • tamokill12
  • turbobase
  • vce-brendan-studio-eich

C. Hijacked & Typosquatted Tools

Hijacked Accounts:

  • ssh-tools
  • i18n-tools-plus
  • mind-map
  • scss-to-css-compile [3][4]

Malicious Clones:

  • vsce-prettier-pro
  • sql-turbo-tool
  • claude-code-extension
  • antigravity-cockpit
  • js-debuger-vscode

02. How to Identify if You Are Infected

The GlassWorm v2 malware is a multi-stage threat. Even if you delete the extension, a secondary payload may already be resident on your system [2]. Use the following steps to diagnose an infection.

1. Check for Rogue VSIX Payloads

The primary loader downloads a secondary VSIX from a GitHub repository and installs it silently across all identified IDEs (VS Code, VSCodium, Cursor, Windsurf) [1].

Action: Check your extensions folder for any extension you do not recognize that lacks a Marketplace/Open VSX link.

  • Path (macOS/Linux): ~/.vscode/extensions or ~/.vscode-oss/extensions
  • Path (Windows): %USERPROFILE%\.vscode\extensions

2. Inspect for Rogue Chromium Extensions

The malware's end goal is often the deployment of a rogue Chromium-based extension to siphon browser data [1][2].

Action: Open your browser (Chrome, Brave, Edge) and check for extensions you did not install.

Red Flag: Any extension that requests "Read and change all your data on all websites" without a clear purpose, especially those related to "Developer Tools" or "Formatting" [5].

3. Identify Zig-based Droppers

The malware uses Zig-compiled binaries to evade traditional signature-based detection [1].

Action: Monitor your process list for unusual network activity originating from the IDE.

Technical Indicator: Look for unexpected outbound connections to GitHub raw content domains (raw.githubusercontent.com) or unknown IP addresses immediately after starting your IDE.

4. Check for Remote Access Trojans (RATs)

If infected, the malware may attempt to establish a persistent RAT [1].

Action: Check your system startup items for any scripts or binaries located in temp folders or the IDE's application data folders that you did not authorize.
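The following script automates the first diagnostic step above by walking the IDE extension folders and matching on-disk folder names against the blacklist in section 01. It is an added example written for this page, not a tool from any of the cited vendors; the ~/.cursor and ~/.windsurf directories are assumed locations for those IDEs (the page names only the VS Code and VSCodium paths), and the sample folder names are constructed.

```python
import re
from pathlib import Path

# Blacklist from section 01, case-folded (IDs are case-insensitive; on-disk names are lowercase).
MALICIOUS_IDS = {"outsidestormcommand.monochromator-theme", "keyacrosslaud.auto-loop-for-antigravity",
                 "krundoven.ironplc-fast-hub", "boulderzitunnel.vscode-buddies",
                 "cubedivervolt.html-code-validate", "winnerdomain17.version-lens-tool",
                 "emotionkyoseparate.turkish-language-pack"}
HIGH_RISK_PUBLISHERS = {"outsidestormcommand", "keyacrosslaud", "krundoven", "boulderzitunnel",
                        "cubedivervolt", "winnerdomain17", "emotionkyoseparate", "angular-studio",
                        "crotoapp", "gvotcha", "mswincx", "tamokill12", "turbobase", "vce-brendan-studio-eich",
                        "ssh-tools", "i18n-tools-plus", "mind-map", "scss-to-css-compile"}  # last four: hijacked
CLONE_NAMES = {"vsce-prettier-pro", "sql-turbo-tool", "claude-code-extension",
               "antigravity-cockpit", "js-debuger-vscode"}
# ~/.vscode and ~/.vscode-oss are from step 1; ~/.cursor and ~/.windsurf are assumed for the other two
# IDEs named there. Path.home() is %USERPROFILE% on Windows, so one list covers all platforms.
EXTENSION_DIRS = [Path.home() / d / "extensions" for d in (".vscode", ".vscode-oss", ".cursor", ".windsurf")]

def parse_folder(name):
    """Split an on-disk folder name 'publisher.extname-1.2.3' into (publisher, extname)."""
    stem = re.sub(r"-\d[\d.]*(?:[-+].*)?$", "", name.lower())  # strip the '-<version>[-tag]' suffix
    publisher, dot, ext = stem.partition(".")
    return (publisher, ext) if dot else ("", stem)

def classify(folder_name):
    """Return why a folder matches the blacklist, or None if it is not listed."""
    publisher, ext = parse_folder(folder_name)
    if f"{publisher}.{ext}" in MALICIOUS_IDS:
        return "confirmed malicious loader"
    if publisher in HIGH_RISK_PUBLISHERS:
        return "high-risk or hijacked publisher"
    if ext in CLONE_NAMES:
        return "malicious clone name"
    return None

def scan(folder_names):
    """Map each matching folder name to its reason; unlisted names are dropped."""
    return {n: r for n in folder_names if (r := classify(n)) is not None}

def scan_workstation(dirs=EXTENSION_DIRS):
    hits = {}  # run scan() over every IDE extension directory that exists on this machine
    for d in dirs:
        if d.is_dir():
            hits.update(scan(p.name for p in d.iterdir() if p.is_dir()))
    return hits

# Constructed sample folder names for the demo; they are not from a real infection.
SAMPLE_FOLDERS = ["esbenp.prettier-vscode-10.4.0", "krundoven.ironplc-fast-hub-1.0.3",
                  "turbobase.dark-pro-2.0.0", "someone.vsce-prettier-pro-2.1.0"]

if __name__ == "__main__":
    print("workstation:", scan_workstation() or "no blacklisted extension folders found")
    print("demo:", scan(SAMPLE_FOLDERS))
```

A hit on a publisher or clone name warrants the same treatment as a confirmed loader: the page notes that deleting the extension alone is not sufficient, so continue with the remaining diagnostic steps.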


References

[1] Socket Research Team. (2026). GlassWorm v2: Analysis of 73 Malicious VS Code Extensions.

[2] Hive Pro Threat Intelligence. (2026). Sleeper Packages and Transitive Dependencies in IDE Malware.

[3] Open VSX Security Advisory. (2026). Compromised Publisher Accounts and Typosquatting Trends.

[4] Hive Pro Threat Advisory. (2026). Compromised Publisher 'oorzc': Strategic Analysis and IOCs.

[5] Aikido Security. (2026). The GlassWorm Payload: From VS Code to Browser Credentials.