
Invisible Malicious Code Attacks 151 GitHub Repos and VS Code — Glassworm Attack Uses Blockchain to Steal Tokens, Credentials, and Secrets
Why It Matters
The attack demonstrates a new supply‑chain vector that bypasses visual code reviews and leverages immutable blockchain infrastructure, raising the stakes for software integrity across the developer ecosystem.
Key Takeaways
- Glassworm compromised 151 GitHub repositories using invisible Unicode.
- Malicious payloads fetched via Solana blockchain command‑and‑control.
- Attack spread to npm packages and VS Code marketplace.
- Version‑bump commits mimic project style, likely LLM‑generated.
- Detectable by scanning for zero‑width Unicode characters.
Pulse Analysis
The Glassworm campaign exploits a subtle Unicode trick that inserts zero‑width characters from the Private Use Area into source files. Because these characters render as invisible whitespace, traditional code reviews miss them, and the embedded decoder can silently reconstruct a binary payload that is later executed with eval(). This technique marks a shift from overt malicious commits to stealthy, code‑level obfuscation, challenging existing static analysis tools that focus on syntactic anomalies rather than invisible glyphs.
Beyond the clever injection method, Glassworm leverages the Solana blockchain as a resilient command‑and‑control (C2) channel. By storing encrypted instructions and exfiltrated data on an immutable ledger, the attackers avoid conventional takedown tactics, since blockchain transactions cannot be altered or erased. The decentralized network also gives the operators anonymity and a low‑latency channel for token theft, credential harvesting, and secret extraction. Coupled with automated, LLM‑generated commit messages that mirror each project’s style, the campaign scales efficiently across diverse repositories and package registries.
For enterprises and open‑source maintainers, the incident underscores the urgency of augmenting supply‑chain security with Unicode‑aware scanning tools and stricter dependency vetting. Automated linters that flag zero‑width characters, combined with provenance checks for npm and VS Code extensions, can mitigate the risk. Moreover, monitoring blockchain‑based C2 traffic and employing runtime defenses such as sandboxed eval restrictions become essential. As attackers refine invisible code techniques, the industry must evolve its detection paradigms to protect the integrity of the software ecosystem.
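As an added example (not code from the article or from any project it mentions), here is the kind of Unicode‑aware linter the analysis calls for: it reports every zero‑width, bidi‑control, variation‑selector, tag and Private Use Area code point in a source file with its line and column, and returns non‑zero so CI can block the commit. The code point ranges and their labels are the author's own choices, and the embedded SAMPLE is constructed for demonstration.

```python
import sys
import unicodedata
# Ranges with no visible glyph in a normal editor (labels ours, ranges Unicode's).
INVISIBLE_RANGES = [
    (0x200B, 0x200F, "zero-width space / joiner / bidi mark"),
    (0x202A, 0x202E, "bidi embedding control"),
    (0x2060, 0x2069, "word joiner / invisible operator / bidi isolate"),
    (0xFE00, 0xFE0F, "variation selector"),
    (0xE000, 0xF8FF, "private use area (BMP)"),
    (0xE0000, 0xE007F, "tag character"),
    (0xE0100, 0xE01EF, "variation selector supplement"),
    (0xF0000, 0x10FFFD, "private use area (planes 15-16)"),
]

def classify(cp):
    """Label an invisible or unassigned code point; None for ordinary text."""
    for lo, hi, label in INVISIBLE_RANGES:
        if lo <= cp <= hi:
            return label
    # Catch-all: Cf/Co/Cn characters; Cc is left out so tabs and newlines pass.
    cat = unicodedata.category(chr(cp))
    return f"unicode category {cat}" if cat in ("Cf", "Co", "Cn") else None

def find_invisible(text):
    """Return (line, col, codepoint, label) for each invisible character."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for col, ch in enumerate(line, start=1):
            if lineno == col == 1 and ch == "\ufeff":
                continue  # a leading byte-order mark is legitimate
            label = classify(ord(ch))
            if label:
                hits.append((lineno, col, ord(ch), label))
    return hits

# Constructed sample: a zero-width space after a statement and a private-use char in a literal.
SAMPLE = "const x = 1;\u200b\nconst y = 'a\ue001b';\nrun(x + y);\n"

def main(paths):
    """Print findings gcc-style; return 1 if any, so CI can fail the build."""
    total = 0
    for path in paths:
        with open(path, encoding="utf-8") as fh:
            for line, col, cp, label in find_invisible(fh.read()):
                total += 1
                print(f"{path}:{line}:{col}: U+{cp:04X} {label}")
    return 1 if total else 0

if __name__ == "__main__":
    sys.exit(main(sys.argv[1:]))
```

Run it as `python scan_invisible.py src/**/*.js` in a pre-commit hook or CI step; a clean tree returns 0.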