GlassWorm Malware Evolves with Solana Dead Drops to Deploy RAT and Steal Browser, Crypto Data
New GlassWorm variant leverages Solana dead drops to deliver RAT and data-stealing Chrome extension disguised as offline Google Docs, targeting keystrokes, cookies, screenshots, and crypto assets.
Cybersecurity researchers have flagged a new evolution of the GlassWorm campaign that delivers a multi-stage framework capable of comprehensive data theft and installing a remote access trojan (RAT). The RAT deploys an information-stealing Google Chrome extension masquerading as an offline version of Google Docs. The malware logs keystrokes, dumps cookies and session tokens, captures screenshots, and targets browser and cryptocurrency data. This marks an advancement in the campaign's command-and-control tactics through the use of Solana blockchain dead drops. Source: https://thehackernews.com/2026/03/glassworm-malware-uses-solana-dead.html
SENTINEL: Ordinary people who use crypto or browse the web could lose passwords, savings, or personal data without ever noticing anything suspicious, because thieves are now hiding their tools in unexpected online places that are hard to shut down. This points to a future where staying safe online feels more like a constant game of whack-a-mole that regular users aren't equipped to win.
Sources (1)
- [1]GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data(https://thehackernews.com/2026/03/glassworm-malware-uses-solana-dead.html)