Disrupting Glassworm: Inside CrowdStrike’s Takedown of a Developer-Targeting Botnet
CrowdStrike Counter Adversary Operations team executed a coordinated takedown of the Glassworm botnet, a global threat targeting software developers through the open-source supply chain. In collaboration with Google and the Shadowserver Foundation, we struck all four of Glassworm’s command-and-control (C2) channels simultaneously, severing the operators from their infected machines and their ability to deliver new malicious payloads.
This takedown matters beyond the botnet. Glassworm marked a significant shift in the threat landscape that should serve as a wake-up call for every organization that ships or consumes software. Adversaries are no longer just targeting products, they’re targeting the developers who build them.
The Threat: Targeting Developers
Since at least early 2025, Glassworm operators have systematically targeted software developers, a population with access to source code repositories, cloud platforms, CI/CD pipelines, and package registries. Developers represent uniquely high-value targets: compromising a single developer’s workstation can cascade into a supply-chain compromise that impacts...
Copyright of this story solely belongs to itvoice.in. To see the full text click HERE