Gate News reports that the security agency GoPlus has issued a warning indicating that GlassWorm has evolved from an early VS Code worm into a highly sophisticated supply chain attack framework that disguises itself as a Chrome extension to steal users’ sensitive data and cryptocurrency assets, with the threat scope continuously expanding.
The core of this attack relies on poisoning and covert code injection. Attackers manipulate npm and PyPI packages using special Unicode and PUA characters, embedding malicious loaders. These characters are difficult to identify in code review tools, allowing the malicious code to bypass traditional static analysis detection, contaminating the development environment from the source.
On the communication front, GlassWorm employs a more covert control method. It abandons traditional domain name servers and instead uses the Solana blockchain as a command and control channel, hiding instructions within on-chain transaction notes. This design enhances the attack infrastructure’s resistance to blocking, making it challenging to trace or cut off using conventional means.
At the endpoint, the attack is executed by disguising itself as a “Google Docs Offline” extension. This malicious plugin can steal browser cookies, clipboard content, and browsing history, while also possessing keystroke logging and screenshot capabilities, and can monitor activities on hardware wallets like Ledger and Trezor. Moreover, attackers may pop up phishing interfaces to lure users into entering their recovery phrases, thereby gaining direct control over digital assets.
GoPlus advises users to deploy detection tools capable of identifying hidden characters and to avoid installing software or plugins from unknown sources. Additionally, be vigilant about unusual transaction signatures and transfer requests. If a device is suspected of being compromised, disconnect it from the network immediately and change all related account credentials to minimize potential losses.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
DoubleZero Edge Boosts Solana Data Speed With Fiber Optic Network
DoubleZero has introduced DoubleZero Edge, a high-performance data transmission platform designed to deliver real-time blockchain information for the Solana ecosystem, with beta access announced on April 16, 2026. The service moves data delivery away from the public internet onto a dedicated fiber o
CryptoFrontier57m ago
Trader Turns $960 into $337K in Under 2 Hours, Achieving 351x Return on SOL and ASTEROID Trade
A trader turned 11 SOL into $337,000 in under two hours by using three wallets to buy 158.51 million ASTEROID tokens and later selling most for 1,539 SOL, while retaining 23.76 million tokens worth about $202,000.
GateNews2h ago
Solana Adoption Surges to 167M While Usage and Price Diverge
Key Insights
Solana reached 167 million holders, signaling strong adoption growth even as active addresses declined, showing a widening gap between ownership and usage trends.
Institutional interest increased as DeFi Development Corp accumulated over 2.22 million SOL, reinforcing long-term c
CryptoNewsLand15h ago
Bitcoin, Ethereum and Solana ETFs Record Positive Net Inflows on April 16
Gate News message, according to the April 16 update, Bitcoin ETFs recorded a 1-day net inflow of +2,855 BTC (+$209.95M) and a 7-day net inflow of +11,849 BTC (+$871.52M). Ethereum ETFs showed a 1-day net inflow of +15,477 ETH (+$35.44M) and a 7-day net inflow of +90,366 ETH (+$206.94M). Solana ETFs
GateNews17h ago
Circle Issues 250M USDC on Solana
Gate News message, April 16 — According to Whale Alert, Circle has minted 250 million USDC on the Solana blockchain.
GateNews17h ago
Bless Project Transfers 300M $BLESS Worth $3.83M Across Solana and BSC in 9 Hours
The Bless project transferred 300 million $BLESS tokens worth $3.83 million across Solana and BSC. 200 million were deposited into a CEX, and 56.76 million have been sold on BSC, with more sales ongoing.
GateNews19h ago
