"GlassWorm": Invisible Computer Virus Attacks Software Developers

According to IT experts, the extremely sophisticated malware spreads through Microsoft's source code editor, Visual Studio Code (VS Code), and is introduced via third-party extensions. The malware gains remote access to infected computers, attempts to siphon funds from crypto accounts, and collects login data, among other things, to infect further extensions.
New Computer Virus "GlassWorm" Targets Software Developers
The malicious code was discovered on October 17 by the Israeli-American IT security firm KOI in the "CodeJoy" extension of a Chinese developer. On their blog, KOI describes it as "one of the most sophisticated attacks we have ever analyzed."
What is new is how the virus hides. The malware is effectively invisible due to non-displayable Unicode characters, which is why KOI named the malware "GlassWorm": "It uses camouflage techniques that we have never seen in the wild before."
Third-Party Code Generally a Security Risk
KOI points out that untrusted third-party code generally poses a security risk. Recently, KOI uncovered 18 extensions for the Chrome and Edge internet browsers that suddenly became malicious through updates, infecting several million users.
(APA/Red)
This article has been automatically translated, read the original article here.
Du hast einen Hinweis für uns? Oder einen Insider-Tipp, was bei dir in der Gegend gerade passiert? Dann melde dich bei uns, damit wir darüber berichten können.
Wir gehen allen Hinweisen nach, die wir erhalten. Und damit wir schon einen Vorgeschmack und einen guten Überblick bekommen, freuen wir uns über Fotos, Videos oder Texte. Einfach das Formular unten ausfüllen und schon landet dein Tipp bei uns in der Redaktion.
Alternativ kannst du uns direkt über WhatsApp kontaktieren: Zum WhatsApp Chat
Herzlichen Dank für deine Zusendung.