Skip to content
The Nexus
DossierENTITY

Glassworm botnet

Coverage of Glassworm botnet in the Nexus archive.

Earliest in view: May 27 · 13:28 UTCMost recent: May 27 · 17:56 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYMay 27 · 17:56 UTCTHE REGISTER
    CrowdStrike, Google shatter Glassworm botnet

    CrowdStrike, in collaboration with Google and the Shadowserver Foundation, successfully dismantled the Glassworm botnet, a credential-stealing worm targeting developers through poisoned software packages. The botnet used blockchain-based command-and-control infrastructure and Google Calendar as a backup server, but was neutralized by disrupting all four C2 channels simultaneously.

  • SECURITYMay 27 · 16:59 UTCTECHCRUNCH
    CrowdStrike and Google take down botnet used by hackers to target software developers in supply chain attacks

    CrowdStrike and Google collaborated to dismantle the Glassworm botnet, which was used by hackers to infect open source software projects with malware. This botnet targeted software developers and companies through supply chain attacks.

  • SECURITYMay 27 · 13:35 UTCCYBERSCOOP
    CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain

    CrowdStrike, with assistance from Google and Shadowserver, dismantled the Glassworm botnet, which had infected hundreds of open-source software packages since 2025. The operation disrupted four attacker-controlled servers and infrastructure layers, including Solana blockchain, BitTorrent, and Google Calendar, to halt malware distribution and credential theft.

  • SECURITYMay 27 · 13:28 UTCBLEEPING COMPUTER
    Glassworm botnet disrupted after resilient C2 infrastructure takedown

    The Glassworm botnet, which targets developers through software supply-chain attacks, was disrupted after its resilient command-and-control infrastructure using Solana blockchain transactions and BitTorrent DHT network was taken down by researchers.