Dozens of Open VSX Extension Clones Linked to GlassWorm Malware
Summary
Security researchers have identified over 70 cloned extensions within the Open VSX registry. These extensions are suspected of being sleeper components intended to distribute malware, with a link to the GlassWorm malware family being observed.
IFF Assessment
FOE
The discovery of numerous malicious extensions poses a direct threat to users by potentially delivering malware, thus being bad news for defenders.
Defender Context
This discovery highlights the ongoing threat of malicious extensions masquerading as legitimate software, particularly in open registries. Defenders should remain vigilant about the source and authenticity of any extensions used in their development environments and implement strict vetting processes for third-party code.