Looks like blockchains have finally found a serious use case, just maybe not the one predicted/hoped for...
This article is about #Glassworm, the latest major exploit in JavaScript-land, targetting VSCode and using #Solana as command infrastructure and Google Calendar events as backup. It's full of novel attack techniques and as they say in the article themselves: "this is absolutely brilliant (and terrifying)". All in all, a different form of "creative coding"...
"The malware is hunting for credentials:
- NPM authentication tokens - to publish malicious packages
- GitHub tokens - to compromise repositories
- OpenVSX credentials - to inject more extensions
- Git credentials - to push malicious code
- 49 different cryptocurrency wallet extensions - targeting MetaMask, Phantom, Coinbase Wallet, and dozens more"
