GlassWorm Zig Dropper Targets Developer IDEs

Cyber crooks just upped their game in the GlassWorm campaign, slipping a Zig dropper into a phony WakaTime tracker that chains infections across all your IDEs. It's not just VS Code—think Cursor, VSCodium, the works.

GlassWorm's Zig Dropper Hijacks Every IDE on Dev Machines — theAIcatchup

Key Takeaways

  • GlassWorm's Zig dropper infects multiple IDEs like VS Code, Cursor, and VSCodium from one fake extension.
  • Uses indirection via native binaries to evade sandboxes and spread silently via CLI installers.
  • Targets high-value devs for creds, code access; rotate secrets if exposed.

A developer in San Francisco boots up VS Code at 8:47 AM, coffee in hand, and activates what looks like a harmless time-tracker—seconds later, it’s game over for every IDE on that Mac.

That’s the cold reality of the latest GlassWorm campaign twist. Researchers at Aikido Security spotted this Zig dropper masquerading in an Open VSX extension called “specstudio.code-wakatime-activity-tracker.” It’s a dead ringer for WakaTime, the legit tool devs swear by to log coding hours. But don’t bother hunting it down—it’s vanished from the marketplace.

GlassWorm’s been slinging malware at devs for months now, but this? This is lateral movement on steroids. The dropper doesn’t stop at VS Code. No, it scouts the machine, finds every compatible IDE, and poisons them all.

“The extension […] ships a Zig-compiled native binary alongside its JavaScript code,” Aikido Security researcher Ilyas Makari said in an analysis published this week. “This is not the first time GlassWorm has resorted to using native compiled code in extensions. However, rather than using the binary as the payload directly, it is used as a stealthy indirection for the known GlassWorm dropper, which now secretly infects all other IDEs it can find on your system.”

Zig. That’s the language here—remember it. It’s a modern systems language, fast-compiling, memory-safe-ish, and perfect for crafting binaries that slip past Node.js sandboxes. On Windows, it drops “win.node”; on macOS, “mac.node,” a universal Mach-O beast. These load straight into Node’s runtime, grabbing full OS privileges. No JavaScript kiddie stuff.

How Does This Zig Dropper Actually Work?

Step one: You install the fake extension. Boom—binary lands.

It scans for IDEs. We’re talking Microsoft VS Code, VS Code Insiders, VSCodium (the open-source fork), Positron, Cursor (that AI coding wunderkind), Windsurf, and likely others in the VS Code extension ecosystem. Market fact: VS Code owns 70%+ of the pro dev IDE share, per Stack Overflow surveys. That’s millions of machines ripe for the picking.

Next, it phones home. It downloads a second-stage payload, “floktokbok.autoimport,” which impersonates the wildly popular “steoates.autoimport” (5 million+ installs on the official Marketplace). The payload is served from a GitHub repo the attackers control, naturally.

Then the magic—or nightmare. That .VSIX file hits a temp directory, then gets blasted into every discovered IDE via their CLI installers. Silent. No prompts. All in seconds.

But here’s my take, straight from the data: GlassWorm’s betting big on dev tool trust. WakaTime has real traction—tens of thousands of users. Autoimport? Ubiquitous. Attackers aren’t reinventing wheels; they’re cloning them flawlessly. Install counts for these fakes? We don’t have exacts yet, but Open VSX’s lighter vetting (compared to Marketplace) means thousands could’ve bitten before takedown.

Is Your Favorite IDE Safe from GlassWorm?

Short answer: If it takes VS Code extensions, probably not.

Cursor, the AI darling backed by $60 million in funding, runs VS Code under the hood. VSCodium strips telemetry but keeps extension support. Positron? Same family. Even as AI coding tools explode—market projected at $25 billion by 2027 per McKinsey—this shared architecture is a glaring weakness. One dropper rules them all.

Think back to the 90s macro viruses in Word and Excel. Back then, office docs were the vector because everyone opened attachments. Today? IDEs. Devs live in them 8+ hours daily, per RescueTime data. Codebases, API keys, SSH creds—pure gold for stealers. GlassWorm’s second-stage dropper skips Russian IPs (smart, avoids local heat), pings Solana blockchain for C2 servers (crypto obfuscation trend), exfils data, drops a RAT, and caps it with a Chrome stealer extension. Full compromise.

And the numbers don’t lie. VS Code extensions: 20,000+ on Marketplace, millions of installs. Open VSX? Less scrutiny, more wild west. Aikido’s report flags this as evolution, not invention—GlassWorm iterated from direct binaries to this indirection. Result? Higher evasion, broader spread.

Why GlassWorm Loves Devs — And Why You’re Screwed

Devs aren’t random targets. You’re the keys to kingdoms: GitHub repos, cloud creds, enterprise VPNs. One infected machine at a startup? Lateral to prod servers. At Big Tech? Insider threat gold.

My unique angle: This mirrors the SolarWinds supply chain hit, but micro-targeted. SolarWinds was enterprise software; GlassWorm picks dev productivity tools. Prediction? If unchecked, we’ll see GlassWorm clones in JetBrains IDEs or even Xcode plugins by Q2 2025. Why? Zig’s cross-platform—Linux droppers incoming. Dev tool security spend is puny—less than 5% of cybersecurity budgets, per Gartner. Time to reallocate.

Corporate spin to watch: Extension marketplaces will tout “enhanced scanning.” Open VSX already yanked the fake, but retroactive? Nah. Microsoft’s Marketplace blocks some, but forks evade. Devs, it’s on you—assume breach if you’ve touched these.

Rotate secrets. Nuke extensions. Scan with EDR. And for god’s sake, verify publishers.

Here’s the thing—GlassWorm’s not dumb. Solana C2? Blockchain queries are noisy but hard to block without nuking crypto tools devs use. RAT persistence? Baked into Chrome extensions, surviving restarts. Market dynamic: As remote work sticks (80% hybrid per FlexJobs), home machines are juicier targets. No corp AV.

What Does GlassWorm Steal Exactly?

Everything. Browser creds first—the Chrome extension grabs sessions, cookies, and autofill. The RAT enables keylogging and screenshots. Exfil goes to a dynamic C2. The Russian-IP skip suggests state-affiliated or RU-aware actors, but there’s no attribution yet.

Impact? High-value devs hit: freelancers, open-source maintainers, AI tool tinkerers. Cursor users? Your proprietary prompts and API keys gone.


Frequently Asked Questions

What is the GlassWorm Zig dropper?

It’s a native binary in a fake VS Code extension that infects all VS Code-compatible IDEs on your system, dropping further malware for data theft.

How do I check if I’m infected by the GlassWorm campaign?

Search your IDE extensions for “specstudio.code-wakatime-activity-tracker” or “floktokbok.autoimport,” scan for win.node/mac.node binaries, and run full AV/EDR checks. Rotate all creds.
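The cross-IDE spread described in “How Does This Zig Dropper Actually Work?” is also what makes the check above tedious by hand, so here is an added triage script (mine, not Aikido’s or the article’s) that walks every VS Code-family extension root, flags the two extension ids and the win.node/mac.node loaders named on this page, and notes any other extension shipping a native .node module for review. The per-IDE extension paths are my assumption, and the sample tree it scans in `demo()` is constructed.

```python
import json
import tempfile
from pathlib import Path

# Ids and loader names are quoted from the report above; the roots are my assumption (not from it).
KNOWN_BAD_IDS = {"specstudio.code-wakatime-activity-tracker", "floktokbok.autoimport"}
LOADER_NAMES = {"win.node", "mac.node"}
DEFAULT_ROOTS = ["~/.vscode/extensions", "~/.vscode-insiders/extensions", "~/.vscode-oss/extensions",
                 "~/.cursor/extensions", "~/.windsurf/extensions", "~/.positron/extensions"]

def extension_id(ext_dir):
    """Return 'publisher.name' from the extension's package.json, or None if unreadable."""
    try:
        meta = json.loads((ext_dir / "package.json").read_text(encoding="utf-8"))
        return f"{meta['publisher']}.{meta['name']}".lower()
    except (OSError, ValueError, KeyError):
        return None

def scan_roots(roots=DEFAULT_ROOTS):
    """Walk each IDE's extension root; return one finding per suspicious extension."""
    findings = []
    for root in roots:
        root_path = Path(root).expanduser()
        if not root_path.is_dir():
            continue  # that IDE is not installed on this machine
        for ext_dir in sorted(p for p in root_path.iterdir() if p.is_dir()):
            ext_id = extension_id(ext_dir)
            native = sorted(f.name for f in ext_dir.rglob("*.node"))
            reasons = []
            if ext_id in KNOWN_BAD_IDS:
                reasons.append("known GlassWorm extension id")
            if LOADER_NAMES & set(native):
                reasons.append("ships win.node/mac.node native loader")
            elif native:  # legitimate extensions ship .node modules too, so this is review-only
                reasons.append("ships a native .node module (review)")
            if reasons:
                findings.append({"root": str(root_path), "id": ext_id, "native": native, "reasons": reasons})
    return findings

def demo():
    """Constructed sample tree: one fake tracker carrying mac.node, one clean extension."""
    base = Path(tempfile.mkdtemp())
    bad = base / "cursor" / "specstudio.code-wakatime-activity-tracker-1.0.0"
    good = base / "vscode" / "example.clean-extension-0.1.0"
    for d, pub, name in ((bad, "specstudio", "code-wakatime-activity-tracker"),
                         (good, "example", "clean-extension")):
        d.mkdir(parents=True)
        (d / "package.json").write_text(json.dumps({"publisher": pub, "name": name}))
    (bad / "mac.node").write_bytes(b"placeholder")  # constructed stand-in, not a real binary
    return scan_roots([str(base / "cursor"), str(base / "vscode")])
```

Run `scan_roots()` with no arguments to inspect the real roots on a workstation; a hit on a known id means the CLI installers likely already pushed the payload into every other IDE listed, so check all of them, not just the one you installed it in.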

Will GlassWorm hit JetBrains or other IDEs?

Not yet, but Zig’s portability means yes—watch for Rust or Go variants targeting IntelliJ or Xcode next.

Written by Sarah Chen

AI research editor covering LLMs, benchmarks, and the race between frontier labs. Previously at MIT CSAIL.

Originally reported by The Hacker News
