Security Team Takes Down Glassworm: A Botnet That Targeted Software Developers

Martin Holloway · Published 3d ago · 5 min read · Based on 4 sources

A cybersecurity company called CrowdStrike, working together with Google and other partners, shut down a botnet called Glassworm on May 26, 2026. This botnet had been quietly infecting the computers and tools that software developers use to build applications — a strategy that, if left unchecked, could have allowed attackers to slip harmful code into countless programs used by millions of people.

The attack worked by compromising the software packages and tools that developers download and rely on. Think of it like contaminating ingredients at a food supplier: once bad ingredients are in the pipeline, they can end up in products sold to thousands of customers.

How the Botnet Hid Its Commands

Glassworm's operators were unusually careful about how they gave orders to the infected machines. Instead of using a single command center that could be easily shut down, they spread their control across four different networks: a cryptocurrency blockchain, a file-sharing network, a public calendar service, and direct server connections. This redundancy made the botnet harder to dismantle.

The infected code found its way into popular developer tools and code libraries distributed as npm and Python packages, and also into fake plug-ins for Visual Studio Code, a widely used code editor. These malicious plug-ins posed as legitimate tools, exploiting the trust that developers place in these ecosystems.

The Invisible Payload Technique

The attackers used a clever hiding method: they embedded their malicious code using special invisible Unicode characters — characters designed for custom uses but not meant to be displayed on screen. When developers reviewed code before adding it to their projects, these hidden characters looked blank, but the malicious instructions were still there and still active.

This technique is relatively new in this type of attack. In the past, attackers would use tricks like name confusion (making a package sound like a famous one) or direct poisoning of well-known software. Hiding code in invisible characters is more sophisticated because it can slip through basic code review.
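The article describes code hidden in characters "designed for custom uses", which is what Unicode calls the Private Use Area. The following scanner is an added example written for this article, not code from the original sources or from CrowdStrike or Google; it reports every run of Private Use Area characters in a file and, as a defensive generalization, also reports invisible format-control characters such as zero-width spaces. The sample file it scans is constructed and is not a real Glassworm artifact.

```python
import sys
import unicodedata
from dataclasses import dataclass

# Unicode general categories that should essentially never occur in
# hand-written source: Co = Private Use Area (the "custom use" characters
# the article describes), Cf = format controls such as zero-width spaces.
# Note: a UTF-8 BOM (U+FEFF) is Cf and will be reported; allow it if needed.
SUSPECT_CATEGORIES = {"Co", "Cf"}


@dataclass(frozen=True)
class Finding:
    line: int          # 1-based line number
    column: int        # 1-based column where the hidden run starts
    codepoint: str     # first code point of the run, e.g. "U+E000"
    category: str      # Unicode general category of that code point
    run_length: int    # how many consecutive hidden characters follow


def scan_text(text: str) -> list[Finding]:
    """Return one Finding per run of invisible/private-use characters."""
    findings: list[Finding] = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        col = 0
        while col < len(line):
            if unicodedata.category(line[col]) not in SUSPECT_CATEGORIES:
                col += 1
                continue
            start = col
            while col < len(line) and unicodedata.category(line[col]) in SUSPECT_CATEGORIES:
                col += 1
            first = line[start]
            findings.append(Finding(lineno, start + 1, f"U+{ord(first):04X}",
                                    unicodedata.category(first), col - start))
    return findings


def scan_file(path: str) -> list[Finding]:
    with open(path, encoding="utf-8", errors="replace") as fh:
        return scan_text(fh.read())


# Constructed sample (not a real Glassworm artifact): a short JavaScript
# file with four Private Use Area characters hidden after a comment.
SAMPLE = ('const name = "hello";\n'
          '// utility helpers\ue000\ue001\ue002\ue003\n'
          'console.log(name);\n')

if __name__ == "__main__":
    for path in sys.argv[1:]:
        for f in scan_file(path):
            print(f"{path}:{f.line}:{f.column}: {f.codepoint} ({f.category}) x{f.run_length}")
```

Run it over a checkout or an extracted extension directory (for example `python scan.py $(git ls-files)`) to get a line-and-column list of hidden runs that a human reviewer would otherwise see as blank space.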

Targeting the Tools Developers Use

The attackers were pursuing a specific strategy: go after the software that developers themselves use to build other software. If you compromise a developer's tools, you can affect not just one application but dozens or hundreds of applications that developer works on. This multiplies the impact of a single successful break-in.

Visual Studio Code extensions were particularly useful for this purpose. The OpenVSX marketplace, which hosts these extensions, is smaller and less strictly monitored than Microsoft's official marketplace. A fake extension claiming to add language support or improve productivity could sit on a developer's machine and steal information or inject code undetected.

The pattern here is worth noting. Since a major software company called SolarWinds was compromised in 2020, attacks on the software supply chain have gradually crept further upstream — from the finished product all the way back to the tools developers use to create software. Attackers have learned that a developer's computer is a high-value target with broad reach.

Taking Down a Distributed Botnet

Shutting down Glassworm was complicated because its control systems were spread across so many different platforms and networks. CrowdStrike coordinated with Google, which had visibility into which packages were affected inside Google's own systems, and with the Shadowserver Foundation, which gathers and shares threat intelligence across the security industry.

The simultaneous action needed across cryptocurrency networks, distributed file-sharing systems, and traditional servers shows how complex modern botnet takedowns have become when attackers use decentralized technology as their operating infrastructure.

What This Means for Developers and Everyone Else

This incident reveals a weak point in how the software development community manages trust. Open-source packages and marketplace extensions are vetted mostly by human review and community reputation — there are few automated tools that can catch invisible-character tricks like the one Glassworm used.

Developers and organizations that use code from public repositories should pay closer attention to what extensions and packages they install. Standard antivirus software may not catch hidden code embedded inside legitimate-looking tools, especially when it uses advanced obfuscation tricks. Watching for unusual activity on developer computers, and regularly checking which extensions and packages are installed, becomes important.

The broader implication is that as software developers become bigger targets for attackers, the security of the tools developers use needs to get much stronger. Marketplaces that host extensions need stricter quality checks. Tools need to be built to automatically scan for hidden payloads. And because attacks like this affect entire industries, security companies, platform makers, and infrastructure providers all need to work together.

The elimination of Glassworm removes a real threat to the software development ecosystem. But the techniques the attackers used — hiding code in plain sight, compromising upstream tools, spreading commands across decentralized networks — are likely to appear again in future attacks. The battleground has moved from the finished software to the machinery that builds it.