GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
Summary
The ongoing GlassWorm campaign has evolved with a new Zig dropper that targets developer IDEs. This dropper is disguised within an Open VSX extension, masquerading as a legitimate tool to stealthily infect developer machines.
IFF Assessment
FOE
The deployment of a new, stealthy dropper targeting developer tools represents a significant threat to code integrity and the security of software development pipelines.
Defender Context
Defenders should be aware of this evolving GlassWorm campaign and its use of compromised IDE extensions. Organizations need to implement strict vetting processes for third-party plugins and extensions used in development environments, and educate developers on the risks of installing untrusted software.