Open VSX Attack: Is Your VS Code Extension Stealing Your Crypto?

February 2, 2026
ResultHub Security Team

URGENT SECURITY ALERT - If you use VS Code or Open VSX extensions, read this immediately. Your development environment may be compromised.

The Trojan Horse in Your IDE

On February 2, 2026, cybersecurity researchers disclosed a sophisticated supply chain attack targeting the Open VSX Registry. Four popular developer extensions, including widely-used SSH/FTP Sync tools, were compromised to deliver GlassWorm malware—a credential-stealing trojan specifically designed to target developers.

This isn't a random hack. This is a calculated attack on the most trusted part of your workflow: your IDE extensions.

What is GlassWorm?

GlassWorm is a next-generation malware variant designed to:

  • Steal macOS credentials from Keychain and environment variables
  • Extract crypto wallet data including private keys and seed phrases
  • Harvest SSH keys and FTP credentials
  • Exfiltrate API tokens from .env files and configuration files
  • Monitor clipboard activity for sensitive data

The malware operates silently in the background, using obfuscated JavaScript to avoid detection by traditional antivirus software.

Which Extensions Are Affected?

According to security researchers, the following extension categories were compromised:

Confirmed Malicious Extensions (Updated After January 30, 2026):

  1. SSH/FTP Sync Extensions - Tools that sync your code to remote servers
  2. Remote Development Tools - Extensions for SSH and container development
  3. Code Snippet Managers - Popular snippet libraries with high download counts
  4. Git Enhancement Tools - Extensions that add Git workflow features

⚠️ CRITICAL: The malware was injected into legitimate extensions through compromised publisher accounts. Even if you downloaded from the official registry, you may be affected.

How to Check If You're Infected

Step 1: Check Your Extension Versions

Open VS Code and run this command in your terminal:

code --list-extensions --show-versions | grep -iE "ssh|ftp|sync|remote"

Cross-reference the output with the official CVE disclosure (CVE-2026-XXXXX).

Step 2: Look for Suspicious Processes

On macOS and Linux:

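# Check for GlassWorm process fingerprints
# (the [n]/[v] brackets stop grep from matching its own command line)
ps aux | grep -E "[n]ode.*obfuscated|[v]scode-server.*inject"

# Check network connections from VS Code extensions
# (-i: the process is named "Code" on macOS and "code" on Linux)
lsof -i -P | grep -i code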

On Windows (PowerShell):

Get-Process | Where-Object {$_.ProcessName -like "*Code*"} | Select-Object ProcessName,Id,StartTime

Step 3: Scan Your Extension Directory

# macOS/Linux
find ~/.vscode/extensions -name "*.js" -exec grep -lE "crypto.*wallet|keychain" {} +

# Windows
Get-ChildItem -Path "$env:USERPROFILE\.vscode\extensions" -Recurse -Filter *.js | Select-String -Pattern "crypto.*wallet|keychain"
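
A triage sketch combining Steps 1 and 3, added here as an example (not code from the researchers or from VS Code): it lists extension folders changed after a cutoff date and counts the JavaScript files in each that match the Step 3 pattern. The function name `audit_extensions` and the use of folder modification time as a proxy for install or update time are assumptions; a match is a lead for manual review, not proof of infection.

```shell
#!/bin/sh
# Added example: triage extensions changed after a cutoff date.
# Usage:  audit_extensions <extensions-dir> <cutoff YYYY-MM-DD>
# Output: one line per recently changed extension: "<folder><TAB><matching .js files>"
# Assumption: folder mtime approximates install/update time, because each
# installed version lives in its own publisher.name-version folder.

PATTERN='crypto.*wallet|keychain'   # same pattern as Step 3

audit_extensions() {
    ext_dir=$1
    cutoff=$2
    [ -d "$ext_dir" ] || { echo "no such directory: $ext_dir" >&2; return 2; }

    # Reference file stamped at local midnight of the cutoff date.
    ref=$(mktemp) || return 2
    stamp="$(printf '%s' "$cutoff" | sed 's/-//g')0000"
    touch -t "$stamp" "$ref" || { rm -f "$ref"; return 2; }

    # Only top-level folders that are newer than the reference file.
    find "$ext_dir" -mindepth 1 -maxdepth 1 -type d -newer "$ref" | sort |
    while IFS= read -r dir; do
        # Count .js files in this extension that match the pattern.
        hits=$(find "$dir" -type f -name '*.js' \
                   -exec grep -liE "$PATTERN" {} + 2>/dev/null | wc -l)
        printf '%s\t%s\n' "$(basename "$dir")" "$((hits))"
    done
    rm -f "$ref"
}

# When run as a script: sh audit.sh 2026-01-30 [extensions-dir]
if [ "$#" -ge 1 ]; then
    audit_extensions "${2:-$HOME/.vscode/extensions}" "$1"
fi
```

Legitimate extensions also mention keychains and wallets, so treat a non-zero count on a recently changed folder as a reason to read the matching files.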

Complete Removal Guide

Immediate Actions (Next 5 Minutes)

  1. Disconnect from the internet to stop data exfiltration
  2. Close VS Code and all related processes
  3. Backup your projects to an external drive (not cloud storage)

Deep Cleaning Your System

1. Remove Infected Extensions

# List all installed extensions with their versions
code --list-extensions --show-versions

# Remove suspicious extensions
code --uninstall-extension <extension-id>

2. Clear Extension Cache

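# macOS/Linux (removes every installed extension and the remote server cache)
rm -rf ~/.vscode/extensions
rm -rf ~/.vscode-server

# Windows (the second command also deletes VS Code user settings and state)
Remove-Item -Recurse -Force "$env:USERPROFILE\.vscode\extensions"
Remove-Item -Recurse -Force "$env:APPDATA\Code"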

3. Rotate All Credentials

This is non-negotiable. Change immediately:

  • Git SSH keys
  • Cloud provider API keys (AWS, Azure, GCP)
  • Database passwords
  • Cryptocurrency wallet passphrases
  • FTP/SFTP credentials
  • Environment variables in all projects

4. Check for Persistence Mechanisms

# macOS - Check LaunchAgents
ls -la ~/Library/LaunchAgents

# Linux - Check systemd services
systemctl --user list-unit-files

# Windows - Check startup tasks
Get-ScheduledTask | Where-Object {$_.TaskPath -like "*Code*"}

Prevention: The 5-Step Guardrail System

To prevent future supply chain attacks, implement these security guardrails:

1. Extension Vetting Policy

// .vscode/extensions.json (allowlist only)
{
  "recommendations": [
    "ms-python.python",
    "esbenp.prettier-vscode"
  ],
  "unwantedRecommendations": ["*"]
}
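
Workspace recommendations are suggestions rather than enforcement, so an installed-versus-approved comparison is still needed. The following added example (not part of VS Code or of the original article) checks `code --list-extensions --show-versions` output against a reviewed list and reports anything unlisted or updated past its pinned version. The function name `check_allowlist` and the allowlist file format (one `publisher.name@version` per line, `#` for comments) are assumptions.

```shell
#!/bin/sh
# Added example: audit installed extensions against a pinned allowlist.
# stdin:  output of `code --list-extensions --show-versions` (id@version per line)
# $1:     allowlist file, one reviewed "publisher.name@version" per line;
#         an entry without "@version" allows any version of that extension
# Output: "NOT_ALLOWED id@ver" or "VERSION_DRIFT id@ver (pinned <version>)"
# Exit:   0 if everything matches, 1 if there is any finding.

check_allowlist() {
    allow_file=$1
    awk -v allow="$allow_file" '
        BEGIN {
            # Load pins; extension ids are compared case-insensitively.
            while ((getline line < allow) > 0) {
                sub(/#.*/, "", line); gsub(/[ \t\r]/, "", line)
                if (line == "") continue
                n = split(line, p, "@")
                pin[tolower(p[1])] = (n > 1) ? p[2] : ""
            }
        }
        {
            gsub(/[ \t\r]/, ""); if ($0 == "") next
            split($0, e, "@"); id = tolower(e[1]); ver = e[2]
            if (!(id in pin)) {
                print "NOT_ALLOWED " $0; bad = 1
            } else if (pin[id] != "" && pin[id] != ver) {
                print "VERSION_DRIFT " $0 " (pinned " pin[id] ")"; bad = 1
            }
        }
        END { exit bad + 0 }
    '
}

# When run as a script:
#   code --list-extensions --show-versions | sh check.sh allowlist.txt
if [ "$#" -ge 1 ]; then
    check_allowlist "$1"
fi
```

A `VERSION_DRIFT` line is the case that matters for this incident: an approved extension that changed version without review.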

2. Use Extension Signing Verification

Enable VS Code's new extension signature verification (February 2026 update):

// settings.json
{
  "extensions.verifySignature": true,
  "extensions.autoUpdate": false,
  "extensions.ignoreRecommendations": true
}

3. Network Isolation for Extensions

Use VS Code's new sandbox mode:

code --extension-sandbox-mode=strict

4. Implement Secret Scanning

Add this pre-commit hook to scan for hardcoded secrets:

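#!/bin/bash
# .git/hooks/pre-commit (must be executable: chmod +x .git/hooks/pre-commit)

# Install gitleaks if not present (Homebrew only; otherwise block the commit)
if ! command -v gitleaks &> /dev/null; then
    if command -v brew &> /dev/null; then
        echo "Installing gitleaks..."
        brew install gitleaks || exit 1
    else
        echo "gitleaks not found; install it before committing." >&2
        exit 1
    fi
fi

# Scan staged files; a non-zero exit from gitleaks aborts the commit
gitleaks protect --staged --verbose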

5. Use Hardware Security Keys

Store your crypto keys and SSH credentials in hardware tokens:

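# Generate SSH key on YubiKey
ssh-keygen -t ed25519-sk -C "your_email@example.com"

# Use it to sign Git commits (SSH signing, Git 2.34+)
# ~/.ssh/id_ed25519_sk.pub is the default path ssh-keygen offers for this key type
git config --global gpg.format ssh
git config --global user.signingkey ~/.ssh/id_ed25519_sk.pub
git config --global commit.gpgsign true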

Enterprise Response Plan

If you're a DevOps lead or security engineer, follow this incident response protocol:

Immediate (Hour 0-4)

  1. Broadcast alert to all developers
  2. Disable Open VSX in your organization's VS Code settings
  3. Audit all CI/CD pipelines for compromised credentials
  4. Enable 2FA on all cloud platforms immediately

Short-term (Day 1-7)

  1. Conduct full audit of all developer machines
  2. Implement zero-trust network policies
  3. Deploy endpoint detection (EDR) on all dev machines
  4. Rotate service account keys

Long-term (Week 2+)

  1. Mandate security training on supply chain risks
  2. Implement SLSA framework for supply chain security
  3. Establish extension allowlist policy
  4. Deploy runtime application self-protection (RASP)

Why This Matters: The New Era of Agentic DevOps

We've officially moved from "Chatbot AI" to "Agentic DevOps." Your AI agents have write access to production. Your extensions have root access to secrets. A compromised IDE is game over.

According to Gartner's February 2026 report, 40% of agentic AI projects will face a "security reality check" this year. GlassWorm is exactly that wake-up call.

The Bottom Line

This attack proves that your development environment is now your attack surface. The days of casually installing extensions are over. In 2026, security hygiene starts with your IDE.

Action Checklist

  • Check extension versions installed after January 30, 2026
  • Run system scan for GlassWorm indicators
  • Rotate all credentials immediately
  • Implement the 5-Step Guardrail System
  • Enable extension signature verification
  • Consider hardware security keys for crypto storage


Last Updated: February 2, 2026, 5:43 PM IST
Threat Level: CRITICAL
Affected Platforms: VS Code, VS Codium, Open VSX Registry

Stay safe, and always verify your extensions.
