{
	"id": "c39eb3af-d7df-409c-9cbc-c0b85fdf8a71",
	"created_at": "2026-04-06T00:17:48.61339Z",
	"updated_at": "2026-04-10T13:12:17.603712Z",
	"deleted_at": null,
	"sha1_hash": "e3b75920f8d52f5196897b6e17a4efe03087b203",
	"title": "First Self-Propagating Worm Using Invisible Code Hits OpenVSX Marketplace",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 11339108,
	"plain_text": "First Self-Propagating Worm Using Invisible Code Hits OpenVSX\r\nMarketplace\r\nBy Idan Dardikman\r\nArchived: 2026-04-05 14:30:42 UTC\r\nA month after Shai Hulud became the first self-propagating worm in the npm ecosystem, we just discovered the\r\nworld's first worm targeting VS Code extensions on the OpenVSX marketplace.\r\nBut GlassWorm isn't just another supply chain attack. It's using stealth techniques we've never seen before in the\r\nwild - invisible Unicode characters that make malicious code literally disappear from code editors. Combine that\r\nwith blockchain-based C2 infrastructure that can't be taken down, Google Calendar as a backup command server,\r\nand a full remote access trojan that turns every infected developer into a criminal proxy node.\r\nThis is one of the most sophisticated supply chain attacks we've ever analyzed. And it's spreading right now.\r\nWhat GlassWorm does to infected systems:\r\nHarvests NPM, GitHub, and Git credentials for supply chain propagation\r\nTargets 49 different cryptocurrency wallet extensions to drain funds\r\nDeploys SOCKS proxy servers, turning developer machines into criminal infrastructure\r\nInstalls hidden VNC servers for complete remote access\r\nUses stolen credentials to compromise additional packages and extensions, spreading the worm further\r\nThe current state: Seven OpenVSX extensions compromised on October 17, 2025. Total downloads: ~35,800. Ten\r\nextensions still actively distributing malware as you read this. The attacker's C2 infrastructure is fully\r\noperational - payload servers are responding, and stolen credentials are being used to compromise additional\r\npackages.\r\nUpdate (Oct 19, 2025): A new infected extension detected in Microsoft's VSCode marketplace - still active.\r\nThe attack went live yesterday. The infrastructure is active. 
The worm is spreading.\r\nWhat Our Risk Engine Detected\r\nhttps://www.koi.ai/blog/glassworm-first-self-propagating-worm-using-invisible-code-hits-openvsx-marketplace\r\nPage 1 of 16\n\nHere's how this whole thing started. Our risk engine at Koi flagged an OpenVSX extension called CodeJoy when\r\nversion 1.8.3 introduced some suspicious behavioral changes. When our researchers dug into it - like we do with\r\nany malware our risk engine flags - what we found was very disturbing.\r\nCodeJoy risk report on Koidex\r\nCodeJoy looked legitimate. A developer productivity tool with hundreds of downloads, regular updates, seemingly\r\nnormal code. But our risk engine caught something that human code review would miss entirely: suspicious\r\nnetwork connections and credential access patterns that had nothing to do with the extension's productivity\r\nfeatures.\r\nSo we opened up the source code to take a closer look.\r\nAnd that's when we saw it. Or rather, didn't see it.\r\nThe Invisible Attack: Unicode Stealth Technique\r\nLook at this screenshot of the CodeJoy extension's source code:\r\nInvisible malicious code in CodeJoy's version 1.8.3\r\nSee that massive gap between lines 2 and 7? That's not empty space. That's malicious code. Encoded in\r\nunprintable Unicode characters that literally don't render in your code editor.\r\nLet me say that again: the malware is invisible. Not obfuscated. Not hidden in a minified file. Actually invisible to\r\nthe human eye.\r\nThe attacker used Unicode variation selectors - special characters that are part of the Unicode specification but\r\ndon't produce any visual output. To a developer doing code review, it looks like blank lines or whitespace. To\r\nstatic analysis tools that aren't looking for unexpected code points, it looks like nothing at all. But once decoded at runtime? It's\r\nexecutable code.\r\nThis is why we call it GlassWorm. Like glass, it's completely transparent. You can stare right at it and see nothing.\r\nThe developer whose account got compromised probably looked at this file, saw what appeared to be their\r\nlegitimate code, and had no idea they were about to distribute malware to hundreds of users.\r\nHere's the thing - this technique completely breaks traditional code review. You can't spot what you can't see.\r\nGitHub's diff view? Shows nothing suspicious. Your IDE's syntax highlighting? All clear. Manual code\r\ninspection? Everything looks normal.\r\nThe invisible code technique isn't just clever - it's a fundamental break in our security model. We've built entire\r\nsystems around the assumption that what a human sees in review is what the machine will run. GlassWorm just proved that assumption wrong.\r\nStage 2: The Unkillable C2 - Solana Blockchain\r\nSo we decoded the invisible Unicode characters. What do we find inside? Another stage of sophistication that\r\nhonestly made our jaws drop.\r\nThe malware uses the Solana blockchain as its command and control infrastructure.\r\nRead that again. The attacker is using a public blockchain - immutable, decentralized, impossible to take down -\r\nas their C2 server.\r\nHere's how it works:\r\nSolana blockchain points to the next stage\r\nThe malware searches the Solana blockchain for transactions from the hardcoded wallet address. When it finds a\r\ntransaction, it reads the memo field - a place where you can attach arbitrary text to blockchain transactions. Inside\r\nthat memo? A JSON object with a base64-encoded link to download the next stage.\r\nLink to the next stage in the memo of the transaction\r\nLook at that screenshot. 
That's a real Solana transaction from October 15, 2025 - three days ago. The instruction\r\ndata contains: {\"link\":\"aHR0cDovLzIxNy42OS4zLjIxOC9xUUQlMkZKb2kzV0NXU2s4Z2dHSGlTdg==\"}\r\nThat base64 string decodes to: http://217.69.3.218/qQD%2FJoi3WCWSk8ggGHiTdg%3D%3D\r\nAnd just like that, the malware knows where to download its next payload.\r\nWhy this is absolutely brilliant (and terrifying):\r\nImmutable: Once a transaction is on the blockchain, it can't be modified or deleted. Ever. No takedown\r\nrequests. No domain seizures. It's there forever.\r\nAnonymous: Crypto wallets are pseudonymous. Good luck tracing this back to a real person.\r\nCensorship-resistant: There's no hosting provider to contact, no registrar to pressure, no infrastructure to\r\nshut down. The Solana blockchain just... exists.\r\nLegitimate traffic: Connections to Solana RPC nodes look completely normal. Security tools won't flag them by default - though the hardcoded wallet address the malware polls is a stable indicator.\r\nDynamic and cheap: Want to update your payload? Just post a new transaction. Cost? 0.000005 SOL -\r\nless than a penny. The attacker can rotate infrastructure as often as they want for pocket change.\r\nEven if you identify and block the payload URL (217.69.3.218 in this case), the attacker just posts a new\r\ntransaction with a different URL, and all infected extensions automatically fetch the new location. You're playing\r\nwhack-a-mole with an opponent who has infinite moles and infinite mallets.\r\nThis isn't some theoretical attack vector. This is a real-world, production-ready C2 infrastructure that's actively\r\nserving malware right now. The payload server behind it can be blocked; the pointer on the chain cannot be taken down.\r\nStage 3: The Credential Harvest\r\nThe Solana transaction points to an IP address: 217.69.3.218. We fetch the URL and get back a massive base64\r\npayload. But it's encrypted. 
AES-256-CBC encryption with a key I don't have.\r\nSo where's the decryption key?\r\nIn the HTTP response headers.\r\nThe decryption key hides in the response headers\r\nThe attacker is dynamically generating encryption keys per request and passing them in custom HTTP headers.\r\nSmart as an anti-analysis trick - a captured payload is useless without the headers that came with it, and a fresh request gets fresh keys - though it's obfuscation rather than real secrecy: anyone who can fetch the URL also gets the keys.\r\nWe decrypted the payload and started analyzing what it does. This is where GlassWorm's true purpose becomes\r\nclear.\r\nGlassWorm hunting for crypto wallets\r\nThe malware is hunting for credentials:\r\nNPM authentication tokens - to publish malicious packages\r\nGitHub tokens - to compromise repositories\r\nOpenVSX credentials - to inject more extensions\r\nGit credentials - to push malicious code\r\n49 different cryptocurrency wallet extensions - targeting MetaMask, Phantom, Coinbase Wallet, and\r\ndozens more\r\nGlassWorm stealing NPM and OpenVSX credentials\r\nBut wait, there's more. Buried in the code, we found something else: a Google Calendar link.\r\nhttps://calendar.app.google/M2ZCvM8ULL56PD1d6\r\nStrange title for a Google Calendar event, right?\r\nThe malware reaches out to this Google Calendar event as a backup C2 mechanism. And guess what's in the event\r\ntitle? 
Another base64-encoded URL pointing to yet another encrypted payload.\r\nThe attacker created a Google Calendar event with the title:\r\naHR0cDovLzIxNy42OS4zLjIxOC9nZXRfem9tYmlfcGF5bG9hZC9xUUQlMkZKb2kzV0NXU2s4Z2dHSGlUdg==\r\nThat decodes to: http://217.69.3.218/get_zombi_payload/qQD%2FJoi3WCWSk8ggGHiTdg%3D%3D\r\nNotice the path: /get_zombi_payload/\r\nYeah. \"Zombi\" as in zombie botnet. The attacker is literally naming their endpoints after what they're turning\r\nvictims into.\r\nWhy use Google Calendar as backup C2?\r\nFree and legitimate (no one's blocking Google Calendar)\r\nCan be updated anytime by editing the event\r\nBlends into traffic to Google that few security controls block\r\nTakedown means a request to Google, not a firewall rule or a hosting provider\r\nSo now we have a triple-layer C2 system:\r\n1. Solana blockchain (primary, immutable)\r\n2. Direct IP connection (217.69.3.218)\r\n3. Google Calendar (backup, legitimate service)\r\nIf one gets blocked, the others keep working. The payload IP can be blocked, but the two pointers to it are nearly impossible to take down and simply get updated to a new address.\r\nStage 4: ZOMBI - The Nightmare Reveal\r\nWe fetch the \"zombi_payload\" URL, capture the encryption keys from the headers, decrypt it, and start\r\ndeobfuscating what turns out to be a massively obfuscated JavaScript payload.\r\nAnd that's when we realized: this isn't just credential theft. This is a full-spectrum remote access trojan.\r\nGlassWorm's final stage - the ZOMBI module - transforms every infected developer workstation into a node in a\r\ncriminal infrastructure network. Let me break down what this thing can do, because it's honestly one of the most\r\nsophisticated pieces of malware we've analyzed.\r\nOh no! The GlassWorm is now a zombi!\r\nSOCKS Proxy - Your Machine Becomes Criminal Infrastructure\r\nThe ZOMBI module can turn your computer into a SOCKS proxy server. 
Here's the code:\r\nGlassWorm zombi - turns the workstation into socks server\r\nYour developer workstation - the one sitting inside your corporate network, behind all your firewalls and security\r\ncontrols - just became a proxy node for criminal activity.\r\nWhy this is devastating:\r\nCorporate network access: Your machine can reach internal systems that external attackers can't\r\nAttack anonymization: Attackers route their traffic through your IP, not theirs\r\nFirewall bypass: Internal machines can access resources external proxies can't reach\r\nFree infrastructure: Why pay for proxy servers when victims provide them?\r\nEvery single infected developer becomes a node in a global proxy network. And you won't even know it's\r\nhappening.\r\nWebRTC P2P - Direct Peer-to-Peer Control\r\nZOMBI downloads and deploys WebRTC modules for peer-to-peer communication:\r\nWebRTC enables direct peer-to-peer connections that bypass traditional firewalls through NAT traversal. The\r\nattacker can establish real-time, direct control channels to infected machines without routing the session through any central\r\nserver once the signaling handshake that sets it up is done.\r\nBitTorrent DHT - Decentralized Command Distribution\r\nZOMBI uses BitTorrent's Distributed Hash Table (DHT) network for command distribution:\r\nCommands are distributed through the BitTorrent DHT network - the same decentralized system that makes\r\ntorrent tracking impossible to shut down. There's no central C2 server to take offline. 
Commands propagate through a distributed network of millions of nodes.\r\nHidden VNC (HVNC) - Complete Invisible Remote Control\r\nAnd here's the truly terrifying part - HVNC (Hidden Virtual Network Computing):\r\nHVNC gives the attacker complete remote desktop access to your machine - but it's hidden. It runs in a separate,\r\nhidden desktop session: no windows ever appear on your screen, and the only trace is the process itself, which looks like any other background process.\r\nThe attacker can:\r\nUse your browser with your logged-in sessions\r\nAccess your email, Slack, internal tools\r\nRead your source code\r\nSteal additional credentials\r\nPivot to other systems on your network\r\nDo literally anything you could do - but you'll never see it happening\r\nThe Full Picture\r\nZOMBI isn't just malware. It's a complete remote access and network penetration toolkit:\r\nSOCKS proxy for routing attacks through victim networks\r\nWebRTC P2P for direct, firewall-bypassing control\r\nBitTorrent DHT for unkillable command distribution\r\nHVNC for invisible remote desktop access\r\nAutomatic restart on any failure (it won't go away)\r\nModular architecture supporting dynamic capability updates\r\nFor enterprises, this is a nightmare scenario. An infected developer workstation becomes:\r\nAn internal network access point\r\nA persistent backdoor\r\nA proxy for attacking other internal systems\r\nAn exfiltration channel for sensitive data\r\nA command and control relay point\r\nAnd it all started with a run of invisible Unicode characters in a VS Code extension.\r\nThe Worm Spreads: Self-Propagation Through Stolen Credentials\r\nHere's where GlassWorm earns the \"Worm\" part of its name.\r\nRemember all those credentials it's stealing? 
NPM tokens, GitHub credentials, OpenVSX access? Those aren't just\r\nfor data theft. They're for propagation.\r\nThe self-replication cycle:\r\n1. Initial infection - Compromised developer account pushes malicious code to legitimate extension\r\n2. Invisible payload - Unicode-hidden malware executes on victim machines\r\n3. Credential harvest - Steals NPM, GitHub, OpenVSX, Git credentials\r\n4. Automated spread - Uses stolen credentials to compromise MORE packages and extensions\r\n5. Exponential growth - Each new victim becomes an infection vector\r\n6. Repeat - The cycle continues automatically\r\nThis isn't a one-off supply chain attack. It's a worm designed to spread through the developer ecosystem like\r\nwildfire.\r\nJust one month ago, the security community witnessed Shai Hulud - the first successful self-propagating worm in\r\nthe npm ecosystem. That campaign compromised over 100 packages by stealing npm tokens and automatically\r\npublishing malicious versions.\r\nGlassWorm brings this same technique to OpenVSX, but with terrifying evolutions:\r\nInvisible code injection that bypasses visual code review\r\nBlockchain-based C2 that can't be taken down\r\nFull RAT capabilities turning victims into criminal infrastructure\r\nMulti-layered redundancy across three different C2 mechanisms\r\nThe pattern is clear. Attackers have figured out how to make supply chain malware self-sustaining. They're not\r\njust compromising individual packages anymore - they're building worms that can spread autonomously through\r\nthe entire software development ecosystem.\r\nWith traditional supply chain attacks, you compromise one package and that's your blast radius. With worms like\r\nShai Hulud and GlassWorm, each infection is a new launching point for dozens more. It's exponential growth. 
And\r\nwe're just starting to see what that looks like.\r\nImpact: 35,800 Victims, Active RIGHT NOW\r\nLet's talk about the current state of this infection. Because this isn't some theoretical attack or historical incident.\r\nGlassWorm is active right now.\r\nAttack Timeline:\r\nOctober 17, 2025: Seven OpenVSX extensions compromised (yesterday)\r\nOctober 18, 2025: We detected and began analysis (today)\r\nOctober 19, 2025: More compromised extensions detected in OpenVSX and VSCode marketplaces\r\nCurrent status: Five extensions still actively distributing malware\r\nTotal impact: 35,800 installations\r\nHere's what makes this particularly urgent: VS Code extensions auto-update by default. When CodeJoy pushed version 1.8.3\r\nwith invisible malware, everyone with CodeJoy installed got automatically updated to the infected version. No\r\nuser interaction. No warning. Just silent, automatic infection.\r\nAnd since the malware is invisible, the original developers whose accounts were compromised probably had no\r\nidea. They might have even reviewed the \"empty\" lines in their code and seen nothing wrong.\r\nWhat's happening right now to infected systems:\r\n1. Credential theft in progress - NPM tokens, GitHub credentials, Git credentials being harvested\r\n2. Cryptocurrency wallets being drained - 49 different wallet extensions targeted\r\n3. SOCKS proxies deploying - Turning developer workstations into criminal infrastructure\r\n4. HVNC installation - Hidden remote access being established\r\n5. Network reconnaissance - Infected machines mapping internal corporate networks\r\n6. 
Preparation for spread - Stolen credentials being validated for additional compromises\r\nThe C2 infrastructure is fully operational:\r\n217.69.3.218 - Responding and serving encrypted payloads\r\nSolana blockchain - Transaction active, pointing to payload servers\r\nGoogle Calendar event - Live and accessible\r\nExfiltration server (140.82.52.31) - Collecting stolen data\r\nThis is an active, ongoing compromise. Not a case study. Not a war story. This is happening right now, as you read\r\nthis sentence.\r\nIf you have any of the infected extensions installed, you're compromised. Your credentials are likely stolen. Your\r\ncrypto wallets may be drained. Your machine might already be serving as a SOCKS proxy for criminal activity.\r\nAnd you probably have no idea any of this is happening.\r\nTwo developers managed to push clean updates (vscode-theme-seti-folder and git-worktree-menu), suggesting\r\nthey either regained access to their accounts or noticed something was wrong. But five extensions are still\r\ninfected. Five developers who either don't know they're compromised or can't regain control of their accounts.\r\nAnd remember: this is just what we've found so far. GlassWorm is designed to spread. Those stolen credentials are\r\nbeing used right now to compromise additional packages and extensions. The real victim count could be much\r\nhigher.\r\nFinal Thoughts\r\nThis writeup was authored by the research team at Koi Security, with a healthy dose of paranoia and hope for a\r\nsafer open-source ecosystem.\r\nGlassWorm shows how easy it is for malicious extensions to slip past marketplace security and compromise\r\nsensitive data. 
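Two checks that follow from this analysis, added here as an example in JavaScript (this is not code from the Koi writeup, nor from the malware): a scanner that reports runs of invisible Unicode code points in an extension's source, and a matcher that compares `code --list-extensions --show-versions` output against the IOC list at the end of this post. It assumes the hidden payload is carried in Unicode variation selectors as described above and that extension IDs compare case-insensitively, the way VS Code treats them. The source file and the extension listing it runs on are constructed; the 1.2.4 version in the listing is hypothetical.

```javascript
// Added example, not code from the Koi writeup or from GlassWorm itself.
// Assumptions: the hidden payload is carried in Unicode variation selectors
// (U+FE00..U+FE0F, U+E0100..U+E01EF) as the writeup describes; VS Code
// extension IDs compare case-insensitively; `code --list-extensions
// --show-versions` prints one publisher.name@version per line.

// Code points that render as nothing but survive copy/paste, diffs and git.
function isInvisibleCodePoint(cp) {
  return (cp >= 0xfe00 && cp <= 0xfe0f)                // variation selectors VS1..VS16
    || (cp >= 0xe0100 && cp <= 0xe01ef)                // variation selectors supplement
    || cp === 0x200b || cp === 0x200c || cp === 0x200d // zero-width space / joiners
    || cp === 0x2060 || cp === 0xfeff                  // word joiner, BOM in mid-file
    || (cp >= 0xe0000 && cp <= 0xe007f);               // Unicode tag characters
}

// Walk the source by code point and collect maximal runs of invisible
// characters with 1-based line and column. An isolated VS-16 after an emoji in
// a string literal is normal and comes back as a run of length 1; a payload
// shows up as a run of hundreds or thousands on a line that looks blank.
function findInvisibleRuns(source) {
  const runs = [];
  let line = 1;
  let col = 0;
  let current = null;
  for (const ch of source) {                 // for..of iterates code points, not UTF-16 units
    const cp = ch.codePointAt(0);
    col += 1;
    if (isInvisibleCodePoint(cp)) {
      if (current === null) current = { line, col, count: 0, firstCodePoint: cp };
      current.count += 1;
      continue;
    }
    if (current !== null) { runs.push(current); current = null; }
    if (cp === 0x0a) { line += 1; col = 0; }
  }
  if (current !== null) runs.push(current);
  return runs;
}

// A file is suspicious when any run is long enough to carry code.
function hasHiddenPayload(source, threshold = 16) {
  return findInvisibleRuns(source).some((r) => r.count >= threshold);
}

// Parse `code --list-extensions --show-versions` output into { id, version }.
function parseExtensionList(text) {
  return text.split('\n').map((l) => l.trim()).filter((l) => l.length > 0).map((l) => {
    const at = l.lastIndexOf('@');
    if (at < 0) return { id: l.toLowerCase(), version: '' };
    return { id: l.slice(0, at).toLowerCase(), version: l.slice(at + 1) };
  });
}

// Compare installed extensions with IOC entries of the form id@version.
// hits: id and version both match a known-malicious release.
// related: same extension at another version; worth a look, because a clean
// update may have replaced the malicious build after credentials were already taken.
function matchIocs(installed, iocs) {
  const exact = new Set(iocs.map((s) => s.toLowerCase()));
  const ids = new Set([...exact].map((s) => s.slice(0, s.lastIndexOf('@'))));
  const hits = [];
  const related = [];
  for (const ext of installed) {
    if (exact.has((ext.id + '@' + ext.version).toLowerCase())) hits.push(ext);
    else if (ids.has(ext.id)) related.push(ext);
  }
  return { hits, related };
}

// --- constructed sample input (not taken from the infected extension) ---
// Line 3 of this source looks blank in an editor but holds 40 copies of U+FE0F.
const VS16 = String.fromCodePoint(0xfe0f);
const SAMPLE_SOURCE = [
  'const x = 1;',
  'function activate() {',
  VS16.repeat(40),
  '  return x;',
  '}',
].join('\n');

// Constructed listing. The IOC entries are from the list at the end of this
// post; example.benign-extension is a placeholder and 1.2.4 is hypothetical.
const SAMPLE_LISTING = [
  'example.benign-extension@1.0.0',
  'CodeJoy.codejoy-vscode-extension@1.8.3',
  'l-igh-t.vscode-theme-seti-folder@1.2.4',
].join('\n');
const IOCS = [
  'codejoy.codejoy-vscode-extension@1.8.3',
  'codejoy.codejoy-vscode-extension@1.8.4',
  'l-igh-t.vscode-theme-seti-folder@1.2.3',
];

console.log(findInvisibleRuns(SAMPLE_SOURCE));
console.log(matchIocs(parseExtensionList(SAMPLE_LISTING), IOCS));
```

A run of dozens or thousands of variation selectors on a line that looks blank is the GlassWorm signature; a single VS-16 after an emoji in a string literal is normal text and stays under the threshold. The scan is worth running over the installed extension directories and node_modules rather than only over what a diff shows, since the diff is exactly where these characters hide.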
With Koi, security teams gain visibility, risk scoring, and governance across binary \u0026 non-binary\r\nsoftware before it ever hits production.\r\nBook a demo to see how Koi closes the gap that legacy tools miss.\r\nFor too long, the use of untrusted third-party code, often running with the highest privileges, has flown under the\r\nradar for both enterprises and attackers. That era is ending. The tide is shifting. Just last month we uncovered\r\nanother campaign of 18 featured and verified extensions that turned malicious and affected millions of users.\r\nWe’ve built Koi to meet this moment; for practitioners and enterprises alike. Our platform helps discover, assess,\r\nand govern everything your teams pull from marketplaces like the Chrome Web Store, VSCode, Hugging Face,\r\nHomebrew, GitHub, and beyond.\r\nTrusted by Fortune 50 organizations, BFSIs and some of the largest tech companies in the world, Koi automates\r\nthe security processes needed to gain visibility, establish governance, and proactively reduce risk across this\r\nsprawling attack surface.\r\nBecause in a world where malware can be literally invisible, paranoia isn't a bug - it's a feature.\r\nStay safe out there.\r\nIOCs\r\nCompromised Extensions\r\nOpenVSX Extensions (with malicious versions):\r\ncodejoy.codejoy-vscode-extension@1.8.3\r\ncodejoy.codejoy-vscode-extension@1.8.4\r\nl-igh-t.vscode-theme-seti-folder@1.2.3\r\nkleinesfilmroellchen.serenity-dsl-syntaxhighlight@0.3.2\r\nJScearcy.rust-doc-viewer@4.2.1\r\nSIRILMP.dark-theme-sm@3.11.4\r\nCodeInKlingon.git-worktree-menu@1.0.9\r\nCodeInKlingon.git-worktree-menu@1.0.91\r\nginfuru.better-nunjucks@0.3.2\r\nellacrity.recoil@0.7.4\r\ngrrrck.positron-plus-1-e@0.0.71\r\njeronimoekerdt.color-picker-universal@2.8.91\r\nsrcery-colors.srcery-colors@0.3.9\r\nsissel.shopify-liquid@4.0.1\r\nTretinV3.forts-api-extention@0.3.1\r\nMicrosoft VSCode Extensions:\r\ncline-ai-main.cline-ai-agent@3.1.3\r\nInfrastructure\r\nCommand \u0026 Control:\r\n217.69.3.218 (primary C2 server)\r\n199.247.10.166 (primary C2 server)\r\n140.82.52.31:80/wall (exfiltration endpoint)\r\n199.247.13.106:80/wall (exfiltration endpoint)\r\nBlockchain Infrastructure:\r\nSolana Wallet: 28PKnu7RzizxBzFPoLp69HLXp9bJL3JFtT2s5QzHsEA2\r\nTransactions: 49CDiVWZpuSW1b2HpzweMgePNg15dckgmqrrmpihYXJMYRsZvumVtFsDim1keESPCrKcW2CzYjN3nSQDGG14KKFM\r\n3eVTqgEVdUCWcppSh7HQ6h6au7k8JL7Nt7rreKYB598ew4sVe2tBcx87cQS1ocrHPKzeatbJUyHM57Yb1qFasCuL\r\n3v3jCvKfdvHjdoZx3RX7ATUY8jKTrt9hJwhqF5qqpeoK9U9BQvGPPntH2B4qDwQtACBtfrfjNRkM6DZtnjZPGwHL\r\nGoogle Calendar C2:\r\nhttps://calendar.app.google/M2ZCvM8ULL56PD1d6\r\nOrganizer: uhjdclolkdn@gmail.com\r\nPayload URLs:\r\nhttp://217.69.3.218/qQD%2FJoi3WCWSk8ggGHiTdg%3D%3D\r\nhttp://217.69.3.218/get_arhive_npm/\r\nhttp://217.69.3.218/get_zombi_payload/qQD%2FJoi3WCWSk8ggGHiTdg%3D%3D\r\nRegistry Indicators\r\nPersistence Mechanisms:\r\nHKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\r\nHKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\r\nSource: https://www.koi.ai/blog/glassworm-first-self-propagating-worm-using-invisible-code-hits-openvsx-marketplace",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.koi.ai/blog/glassworm-first-self-propagating-worm-using-invisible-code-hits-openvsx-marketplace"
	],
	"report_names": [
		"glassworm-first-self-propagating-worm-using-invisible-code-hits-openvsx-marketplace"
	],
	"threat_actors": [
		{
			"id": "aa73cd6a-868c-4ae4-a5b2-7cb2c5ad1e9d",
			"created_at": "2022-10-25T16:07:24.139848Z",
			"updated_at": "2026-04-10T02:00:04.878798Z",
			"deleted_at": null,
			"main_name": "Safe",
			"aliases": [],
			"source_name": "ETDA:Safe",
			"tools": [
				"DebugView",
				"LZ77",
				"OpenDoc",
				"SafeDisk",
				"TypeConfig",
				"UPXShell",
				"UsbDoc",
				"UsbExe"
			],
			"source_id": "ETDA",
			"reports": null
		}
	],
	"ts_created_at": 1775434668,
	"ts_updated_at": 1775826737,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/e3b75920f8d52f5196897b6e17a4efe03087b203.pdf",
		"text": "https://archive.orkl.eu/e3b75920f8d52f5196897b6e17a4efe03087b203.txt",
		"img": "https://archive.orkl.eu/e3b75920f8d52f5196897b6e17a4efe03087b203.jpg"
	}
}