GlassWorm V2 Analysis

gist.github.com · Willing_Monitor5855 · 29 days ago · research
Static analysis and live infrastructure monitoring of a GlassWorm variant distributed through a compromised Cursor extension on Open VSX. This writeup covers the infection chain, persistence mechanism, C2 architecture, an "interesting" kill switch, and ongoing operator activity observed over 57 hours of monitoring. C2 communication was designed to be particularly resilient to takedowns.