Full Report
The Open VSX registry rotated access tokens after they were accidentally leaked by developers in public repositories and allowed threat actors to publish malicious extensions in an attempted supply-chain attack. [...]
Analysis Summary
# Incident Report: Open VSX Supply Chain Attack via Leaked Credentials
## Executive Summary
The Open VSX registry experienced a supply-chain security incident after developers accidentally leaked access tokens in public repositories. Threat actors exploited these tokens to publish malicious extensions, attempting to distribute malware designed to steal developer credentials and cryptocurrency wallet data. The incident was contained after discovery, leading to immediate token revocation and the removal of malicious payloads, though the threat actors have since pivoted to targeting GitHub repositories using similar techniques.
## Incident Details
- **Discovery Date:** Roughly two weeks before the November 2, 2025 report; at that point Wiz researchers had reported over 550 exposed secrets.
- **Incident Date:** Shortly after the token leak; malicious extensions published by threat actors a few days following the leak.
- **Affected Organization:** Open VSX Registry (developed under the Eclipse Foundation).
- **Sector:** Software Development / Open Source Ecosystem.
- **Geography:** Not explicitly stated, assumed global due to the nature of the ecosystem.
## Timeline of Events
### Initial Access
- **Date/Time:** Unknown, shortly before discovery (Wiz reported the leak two weeks prior to Nov 2, 2025).
- **Vector:** Accidental exposure of access tokens/secrets in public source code repositories by developers.
- **Details:** Leak involved over 550 secrets across Microsoft VSCode and Open VSX marketplaces. Some tokens allowed access to projects with up to 150,000 downloads.
### Lateral Movement
- **Date/Time:** Following token compromise (a few days after the leak).
- **Details:** Threat actors used compromised credentials to publish malicious extensions onto the Open VSX registry. The subsequent malware campaign, 'GlassWorm', attempted to steal developer credentials to extend the attacker's reach to other reachable projects. (Note: Open VSX disputed the 'self-spreading/replicating' nature of the malware).
### Data Exfiltration/Impact
- **Date/Time:** During the malicious extension deployment period before removal.
- **Details:** The primary impact was the deployment of malware (GlassWorm) attempting to steal developer credentials. The attacks specifically targeted cryptocurrency wallet data from 49 extensions, indicating financial motives.
### Detection & Response
- **Date/Time:** Upon notification by Wiz researchers (leak discovery **two weeks prior**) and subsequent reporting by Koi Security on the active malware campaign.
- **Response Actions:**
- Open VSX and the Eclipse Foundation were notified.
- As of October 21, all malicious extensions were removed from the Open VSX registry.
- Associated access tokens were rotated or revoked.
- The threat was confirmed as fully contained shortly after notification.
## Attack Methodology
- **Initial Access:** Accidental leak of access tokens/secrets by developers into public source code repositories.
- **Persistence:** Not detailed, as the immediate compromise was leveraging existing registry access via leaked tokens to publish malware.
- **Privilege Escalation:** Not explicitly detailed; actors used existing high-privilege tokens to publish malicious extensions.
- **Defense Evasion:** The GlassWorm malware utilized **invisible Unicode characters** (steganography) to hide malicious payloads within extensions.
- **Credential Access:** The payload was designed to steal developer credentials.
- **Discovery:** Not applicable in the traditional sense; actors leveraged pre-existing knowledge of the tokens/repositories.
- **Lateral Movement:** Attempted by using stolen credentials to compromise other projects, though Open VSX stated it was not autonomous propagation.
- **Data Exfiltration:** Targeted cryptocurrency wallet data from extensions.
- **Impact:** Successful publication of malware to the registry, potential compromise of developer credentials, targeting financial data.
## Impact Assessment
- **Financial:** Motivated by financial gain (targeting crypto wallet data).
- **Data Breach:** Developer credentials were targeted. The actual number of affected users was believed to be overstated (35,800 downloads included bot traffic).
- **Operational:** Temporary risk to the integrity of extensions hosted on Open VSX until remediation.
- **Reputational:** Damage to trust in the Open VSX ecosystem as a secure alternative registry.
## Indicators of Compromise
- **Network Indicators (Defanged):** None specified in the article.
- **File Indicators:** Malicious VS Code extensions published carrying GlassWorm payloads hidden via Unicode steganography.
- **Behavioral Indicators:** Uploading malicious extensions to the registry using legitimate, exposed access tokens; malware behavior focused on credential theft and targeting cryptocurrency data.
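The Defense Evasion entry and the File Indicators entry both describe payloads hidden behind invisible Unicode characters. The scanner below is an added example (not Open VSX, Koi Security or GlassWorm tooling) that a registry or a developer can run over an unpacked extension to surface such characters before publication or installation. The sample extension files are constructed for the demo, and the set of "invisible" code points (category Cf and Cc characters plus variation selectors) is an assumption about what is worth flagging, not a list of what this campaign used.

```python
"""Flag runs of invisible Unicode code points in extension source files.

Added example, not code from Open VSX or from the GlassWorm analysis.
SAMPLE_EXTENSION is a constructed, unpacked extension used as demo input.
"""
import unicodedata
from typing import Dict, List, NamedTuple


class Finding(NamedTuple):
    path: str
    line: int        # 1-based line number
    col: int         # 1-based column where the run starts
    length: int      # number of consecutive invisible code points
    codepoints: str  # e.g. "U+200B U+200C U+200D"


def is_invisible(ch: str) -> bool:
    """True for characters that render as nothing in a normal editor view.

    Assumption: format characters (Cf: zero-width space/joiner, bidi controls,
    soft hyphen, BOM, tag characters), control characters other than ordinary
    whitespace (Cc) and variation selectors are the ones worth flagging.
    """
    if ch in "\t\n\r":
        return False
    cp = ord(ch)
    if unicodedata.category(ch) in ("Cf", "Cc"):
        return True
    # Variation selectors and supplementary variation selectors (category Mn).
    return 0xFE00 <= cp <= 0xFE0F or 0xE0100 <= cp <= 0xE01EF


def find_invisible_runs(path: str, text: str) -> List[Finding]:
    """Return every maximal run of invisible characters in `text`."""
    findings: List[Finding] = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        col, n = 0, len(line)
        while col < n:
            if not is_invisible(line[col]):
                col += 1
                continue
            start = col
            while col < n and is_invisible(line[col]):
                col += 1
            run = line[start:col]
            cps = " ".join(f"U+{ord(c):04X}" for c in run)
            findings.append(Finding(path, line_no, start + 1, len(run), cps))
    return findings


def scan_extension(files: Dict[str, str], min_run: int = 2) -> Dict[str, List[Finding]]:
    """Scan an unpacked extension (path -> text) and keep runs of >= min_run.

    A lone BOM or soft hyphen is common in benign files, so the default only
    reports runs of two or more; pass min_run=1 to see everything.
    """
    report: Dict[str, List[Finding]] = {}
    for path, text in sorted(files.items()):
        hits = [f for f in find_invisible_runs(path, text) if f.length >= min_run]
        if hits:
            report[path] = hits
    return report


# Constructed sample: a small extension whose JS contains a hidden run of
# zero-width characters after an innocent-looking statement, plus a README
# with a single soft hyphen (likely benign).
SAMPLE_EXTENSION: Dict[str, str] = {
    "package.json": '{\n  "name": "demo-extension",\n  "main": "./extension.js"\n}\n',
    "extension.js": (
        "const vscode = require('vscode');\n"
        "function activate(context) {\n"
        "  const marker = 'ok';\u200b\u200c\u200d\u2060\u200b\n"
        "  console.log(marker);\n"
        "}\n"
        "module.exports = { activate };\n"
    ),
    "README.md": "# Demo\u00ad extension\n",
}

if __name__ == "__main__":
    for path, hits in scan_extension(SAMPLE_EXTENSION).items():
        for h in hits:
            print(f"{path}:{h.line}:{h.col} run of {h.length} invisible chars: {h.codepoints}")
```

Run against a real extension by reading the unpacked `.vsix` contents into the same path-to-text mapping (binary files should be skipped or decoded with `errors="replace"`). Any run of invisible characters inside JavaScript or JSON is worth a manual look; the scanner reports positions rather than trying to decode whatever the run encodes.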
## Response Actions
- **Containment:** Immediate removal of all malicious extensions from the Open VSX registry (completed by October 21).
- **Eradication:** Rotation and revocation of all potentially compromised access tokens.
- **Recovery:** Confirmation that the incident was fully contained with no ongoing impact.
## Lessons Learned
- Accidental plaintext exposure of authentication secrets in public repositories remains a critical supply-chain vulnerability.
- Attackers rapidly pivot to new tactics/platforms (e.g., moving from Open VSX to GitHub using the same Unicode steganography trick) upon exposure.
- Download metrics can be inflated by threat actors, requiring careful assessment of actual user impact.
## Recommendations
- Implement stringent secrets scanning (like the one performed by Wiz) immediately upon code commits.
- **Shorten token lifetimes** significantly to minimize the impact window of any future leaks.
- Introduce **faster credential revocation workflows** for compromised secrets.
- Implement **automated security scanning for extensions** during the publication process.
- Collaborate with other marketplaces (like Microsoft VS Marketplace) to share threat intelligence regarding discovered vulnerabilities and attacker TTPs.
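The first recommendation (secrets scanning at commit time) and the first lesson learned (plaintext secrets in public repositories) are illustrated by the pre-commit style scanner below. It is an added example, not Wiz's scanner or any Open VSX tooling: it walks the added lines of a unified diff, looks for publishing-credential assignments and CLI flags, and keeps only high-entropy values so that placeholders are not reported. The sample diff and the token value in it are constructed. The `OVSX_PAT` and `VSCE_PAT` variable names and the `ovsx publish -p` flag are the ones the publishing CLIs document, but their presence in the keyword list is an assumption you should check against the CLI versions you use.

```python
"""Scan the added lines of a git diff for likely publishing tokens.

Added example, not the scanner used by Wiz or by Open VSX. SAMPLE_DIFF and
the token it contains are constructed for the demo.
"""
import math
import re
from collections import Counter
from typing import Iterator, List, NamedTuple, Tuple


class SecretHit(NamedTuple):
    file: str
    line: int       # line number in the new version of the file
    key: str        # variable name or CLI flag that carried the value
    masked: str     # first/last 4 characters only, safe to log
    entropy: float  # Shannon entropy of the value in bits per character


# Words that mark a credential-bearing identifier. Assumption: OVSX_PAT and
# VSCE_PAT are the env vars read by the ovsx/vsce publishing CLIs; both end
# in "PAT", which the word list catches.
SECRET_WORDS = {"token", "pat", "secret", "password", "passwd", "apikey"}

# `key = value`, `key: value`, with an optional quote and a value of at least
# 16 token-like characters.
ASSIGN_RE = re.compile(
    r"(?P<key>[A-Za-z_][A-Za-z0-9_]*)\s*[:=]\s*['\"]?(?P<val>[A-Za-z0-9_\-]{16,})"
)
# Token passed on a command line (assumption: `ovsx publish -p <token>`).
FLAG_RE = re.compile(r"(?:^|\s)(?P<key>-p|--pat|--token)\s+['\"]?(?P<val>[A-Za-z0-9_\-]{16,})")
HUNK_RE = re.compile(r"^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@")


def shannon_entropy(s: str) -> float:
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


def looks_like_secret_key(key: str) -> bool:
    """Split snake_case/camelCase identifiers and look for a credential word."""
    parts = set(re.sub(r"([a-z0-9])([A-Z])", r"\1_\2", key).lower().split("_"))
    return bool(SECRET_WORDS & parts) or {"api", "key"} <= parts


def candidates(content: str) -> Iterator[Tuple[str, str]]:
    for m in ASSIGN_RE.finditer(content):
        if looks_like_secret_key(m.group("key")):
            yield m.group("key"), m.group("val")
    for m in FLAG_RE.finditer(content):
        yield m.group("key"), m.group("val")


def scan_diff(diff_text: str, min_entropy: float = 3.5) -> List[SecretHit]:
    """Return hits for added lines whose value clears the entropy threshold."""
    hits: List[SecretHit] = []
    path, new_line = "", 0
    for raw in diff_text.splitlines():
        if raw.startswith("+++ "):
            path = raw[4:]
            path = path[2:] if path.startswith("b/") else path
            continue
        if raw.startswith(("--- ", "diff ")):
            continue
        m = HUNK_RE.match(raw)
        if m:
            new_line = int(m.group(1))
            continue
        if raw.startswith("-"):
            continue                     # removed line: not in the new tree
        line_no, new_line = new_line, new_line + 1
        if not raw.startswith("+"):
            continue                     # unchanged context line
        for key, val in candidates(raw[1:]):
            ent = shannon_entropy(val)
            if ent >= min_entropy:
                hits.append(SecretHit(path, line_no, key, f"{val[:4]}...{val[-4:]}", ent))
    return hits


# Constructed diff: a workflow that hard-codes a publishing token both as a
# CLI flag and as an env var, and a config file with a low-entropy placeholder
# and a correct reference to the environment.
SAMPLE_DIFF = """\
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -10,2 +10,5 @@ jobs:
       - run: npm ci
+      - run: npx ovsx publish -p A1b2C3d4E5f6G7h8I9j0K1l2M3n4O5p6
+        env:
+          OVSX_PAT: A1b2C3d4E5f6G7h8I9j0K1l2M3n4O5p6
       - run: npm test
diff --git a/src/config.ts b/src/config.ts
--- a/src/config.ts
+++ b/src/config.ts
@@ -1,1 +1,4 @@
 export const name = "demo";
+export const placeholder = "changeme";
+export const TOKEN = "aaaaaaaaaaaaaaaaaaaaaaaa";
+export const PUBLISH_TOKEN = process.env.OVSX_PAT;
"""

if __name__ == "__main__":
    for h in scan_diff(SAMPLE_DIFF):
        print(f"{h.file}:{h.line} {h.key} = {h.masked} (entropy {h.entropy:.2f})")
```

Wire it into a pre-commit hook by feeding it `git diff --cached` and failing the commit when `scan_diff` returns anything; the masked form is what should reach CI logs, never the value itself. The entropy cut-off is what keeps `"changeme"`-style placeholders quiet, and lowering it trades fewer misses for more noise.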