What Happened
Between late 2024 and early 2025, attackers compromised 433 code repositories and packages across GitHub, npm, and OpenVSX marketplaces. The malware, known as GlassWorm, infiltrated these platforms through compromised developer accounts. Once installed, it exfiltrated cryptocurrency wallet data and developer credentials from infected systems.
This attack was notable for its use of Unicode obfuscation to conceal malicious intent and a command-and-control infrastructure built on the Solana blockchain, which the malware queries every five seconds for new instructions.
Timeline
Discovery Phase: Security researchers at Aikido and other teams identified the compromised packages during routine supply-chain monitoring.
Attack Vector: Attackers accessed legitimate developer accounts through credential compromise, then pushed malicious updates to existing packages and created new malicious packages.
Distribution: The malware spread across npm for Node.js projects, GitHub repositories for various languages, and OpenVSX for Visual Studio Code extensions.
Active Period: The campaign remained active through discovery, with the blockchain C2 infrastructure continuing to issue commands to infected systems.
Which Controls Failed or Were Missing
Package Verification: The compromised ecosystems lacked mandatory code review or verification before accepting updates from authenticated accounts. Once attackers controlled a legitimate account, they could push arbitrary code.
Account Security: Multi-factor authentication was either not required or not enforced for the compromised accounts, allowing credential stuffing or phishing attacks to succeed.
Code Obfuscation Detection: None of the affected platforms automatically flagged or blocked packages containing suspicious Unicode characters or heavy obfuscation patterns.
Dependency Scanning: Organizations consuming these packages failed to run their own verification checks before incorporating dependencies into production systems.
Behavioral Monitoring: The malware's repeated outbound connections to blockchain APIs should have triggered network monitoring alerts, but many environments lack monitoring for dependency behavior post-installation.
What the Relevant Standard Requires
PCI DSS v4.0.1 Requirement 6.3.2 mandates maintaining an inventory of bespoke and custom software, and third-party software components, including tracking dependencies and their sources.
OWASP ASVS v4.0.3 Section V14.2 addresses dependency management. Requirement 14.2.1 states: "Verify that all components are up to date, preferably using a dependency checker during build or compile time."
NIST 800-53 Rev 5 Control SA-12 (Supply Chain Protection) requires organizations to employ anti-counterfeit technologies and processes, including verifying package signatures and scanning for malicious code patterns.
ISO/IEC 27001:2022 Control 8.30 (Outsourced development) requires supervision and monitoring of outsourced system development, applicable to open-source dependencies.
Lessons and Action Items for Your Team
Implement Package Signature Verification: Configure your package managers to require and validate cryptographic signatures. For npm, use npm config set ignore-scripts true by default and explicitly allow scripts only after review.
Deploy SBOM Generation in Your CI/CD Pipeline: Use tools like Syft or CycloneDX to generate Software Bills of Materials. Run syft packages dir:. -o cyclonedx-json as a build step and store the output in your artifact repository.
Monitor for Obfuscation Patterns: Add a pre-commit hook that scans for suspicious Unicode characters in dependencies. The regex [\u200B-\u200D\uFEFF] catches zero-width characters commonly used in obfuscation.
Require MFA for All Developer Accounts: Implement multi-factor authentication for accounts that can publish packages or merge code. Use hardware tokens where possible.
Run Runtime Behavioral Monitoring: Configure your SIEM to alert on repeated connections to cryptocurrency APIs from development or build infrastructure.
Create a Dependency Approval Workflow: Require a second engineer to review the package source on GitHub before any new dependency enters your codebase.
Test Your Incident Response for Supply-Chain Compromises: Conduct tabletop exercises to ensure your team can respond quickly to supply-chain compromises.
The GlassWorm campaign succeeded by exploiting trust relationships in open-source ecosystems. Your defense requires verifying that trust at every step—from account authentication to code review to runtime behavior. The standards already require this verification. What failed wasn't the requirements—it was the implementation.
Software Bill of Materials
