New GlassWorm malware wave targets Macs with trojanized crypto wallets www.bleepingcomputer.com/news/secu…
A fourth wave of the “GlassWorm” campaign is targeting macOS developers with malicious VSCode/OpenVSX extensions that deliver trojanized versions of crypto wallet applications.
The GlassWorm malware first appeared on the marketplaces in October, hidden inside malicious extensions using “invisible” Unicode characters.
Once installed, the malware attempted to steal credentials for GitHub, npm, and OpenVSX accounts, as well as cryptocurrency wallet data from multiple extensions. Additionally, it supported remote access through VNC and can route traffic through the victim’s machine via a SOCKS proxy.
