CrowdStrike and Google dismantle Glassworm botnet that targeted crypto wallet credentials through open source supply chains

The sophisticated botnet compromised over 300 open source packages and targeted 49 types of cryptocurrency wallet extensions, using Solana blockchain memos as a command-and-control channel.

A coordinated operation between CrowdStrike, Google, and the Shadowserver Foundation has taken down the Glassworm botnet, a malware network that embedded itself inside open source software projects to steal credentials from developers, with a particular focus on draining cryptocurrency wallets.

The takedown, executed on May 26, simultaneously disrupted all four of the botnet’s command-and-control channels. The operators, assessed to be likely based in Russia, were effectively cut off from their infected systems in one coordinated move.

How Glassworm worked

Glassworm compromised the open source packages and extensions developers already trusted and used daily. The malware spread through VS Code and OpenVSX extensions, npm packages, and PyPI repositories, infecting over 300 packages across multiple platforms.

The botnet was self-propagating, meaning once it landed on a system, it could spread further without the operators needing to manually push it along. It worked across Windows, macOS, and Linux.

Rather than relying on a single server that could be easily seized, the operators built a resilient, multi-layered system that used Solana blockchain transaction memos, BitTorrent DHT, Google Calendar events, and traditional servers. Four channels running simultaneously.

The botnet also used hidden Unicode characters to evade detection. Code that looks perfectly clean to a human reviewer might contain invisible characters that alter its behavior.
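As an added example (not code from the article, nor from CrowdStrike's or Google's tooling), here is a small Python scanner that flags the kind of invisible and direction-control characters described above in source text; the snippet it inspects is constructed for this example.

```python
import unicodedata

# Characters that render as nothing (or nearly nothing) yet are not in the
# Unicode "format" category, so a category check alone would miss them.
# Constructed list for this example, not an exhaustive one.
EXTRA_HIDDEN = {
    0x115F, 0x1160,          # HANGUL CHOSEONG/JUNGSEONG FILLER
    0x3164, 0xFFA0,          # HANGUL FILLER, HALFWIDTH HANGUL FILLER
    0x2800,                  # BRAILLE PATTERN BLANK
} | set(range(0xFE00, 0xFE10))  # variation selectors (render invisibly)

# Plain ASCII whitespace legitimately appears in source and must not be flagged.
ALLOWED = {"\t", "\n", "\r", " "}

def is_hidden(ch):
    """True if ch is invisible, a bidi/format control, private-use or unassigned."""
    if ch in ALLOWED:
        return False
    cat = unicodedata.category(ch)
    # Cf: format controls (zero-width space, bidi overrides, tag characters, ...)
    # Co: private use, Cn: unassigned -- none of these belong in reviewed code.
    return cat in ("Cf", "Co", "Cn") or ord(ch) in EXTRA_HIDDEN

def find_hidden_chars(source):
    """Return a list of (line, column, codepoint, name) for each hidden char."""
    findings = []
    for line_no, line in enumerate(source.splitlines(), start=1):
        for col, ch in enumerate(line, start=1):
            if is_hidden(ch):
                name = unicodedata.name(ch, "<unnamed U+%04X>" % ord(ch))
                findings.append((line_no, col, "U+%04X" % ord(ch), name))
    return findings

# Constructed sample: looks clean in most editors but carries a zero-width
# space inside an identifier, a right-to-left override in a comment, and a
# Hangul filler at the end of a statement.
SAMPLE = (
    "def check(user):\n"
    "    if user.is_admin\u200b:\n"
    "        return True  \u202e# reviewed\u202c\n"
    "    return False\u3164\n"
)

if __name__ == "__main__":
    for line_no, col, cp, name in find_hidden_chars(SAMPLE):
        print(f"line {line_no} col {col}: {cp} {name}")
```

Running the scanner over a repository before merging (for example as a pre-commit hook) surfaces characters a human reviewer would never see in the diff view.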

Crypto wallets were the primary target

While Glassworm harvested credentials broadly, its operators had a very specific focus: cryptocurrency wallet extensions. The malware targeted 49 different types of wallet extensions.

Active since early 2025, Glassworm had roughly 18 months to operate before the coordinated takedown severed its communications. The full scope of financial losses from wallet credential theft has not been publicly quantified.

What this means for crypto investors and developers

For individual investors, the immediate question is whether wallet extensions they use were among the 49 targeted. Anyone who develops software professionally and also manages crypto assets should consider their machines potentially compromised if they installed packages from npm or PyPI without rigorous verification during the botnet’s operational window.

The use of Solana’s blockchain as a C2 channel raises a broader question for the industry. Blockchains are, by design, censorship-resistant. By embedding instructions inside on-chain transaction data, the operators created a communication layer that was effectively immutable and publicly accessible, yet difficult to censor without disrupting the entire blockchain.

Disclosure: This article was edited by Editorial Team. For more information on how we create and review content, see our Editorial Policy.