1. Threat Overview
The Glassworm botnet, targeting developers in software supply-chain attacks, has been disrupted after researchers took down its command-and-control infrastructure. The botnet relied on Solana blockchain transactions and the BitTorrent DHT network. This disruption affects developers who may have been compromised through software supply-chain attacks.
2. Key Intelligence Points
1. The Glassworm botnet utilized Solana blockchain transactions and the BitTorrent DHT network for its command-and-control infrastructure.
2. The botnet targeted developers in software supply-chain attacks, compromising them through unknown vulnerabilities.
3. The attack chain involved the use of a resilient command-and-control infrastructure to maintain persistence.
4. Detection opportunities may arise from monitoring Solana blockchain transactions and BitTorrent DHT network activity.
3. MITRE ATT&CK Techniques
T1190 - Spreading Malware (via software supply-chain attacks)
4. Indicators of Compromise (IOCs) / Affected Systems
Glassworm botnet, Solana blockchain transactions, BitTorrent DHT network
5. Mitigation & Detection
Developers should monitor their software supply chains closely and implement robust security measures to prevent similar attacks.
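One way to act on the detection opportunity noted in the Key Intelligence Points is to flag developer workstations that show both Solana lookups and BitTorrent DHT traffic. The sketch below is an added example, not code from the researchers or from this brief. It assumes a hypothetical telemetry format (dicts with `host`, `kind`, `query`, `payload`) and uses generic public service names (`solana.com`, the common DHT bootstrap routers), which are not Glassworm-specific indicators.

```python
from collections import defaultdict
import re

# Assumption: generic public service names, not Glassworm indicators.
SOLANA_DOMAIN = "solana.com"
DHT_BOOTSTRAP = {"router.bittorrent.com", "dht.transmissionbt.com",
                 "router.utorrent.com"}
# BEP 5 KRPC packets are bencoded dicts with a "t" key and "y" = q, r or e.
KRPC_TYPE = re.compile(rb"1:y1:[qre]")

def is_dht_krpc(payload: bytes) -> bool:
    """Cheap structural match for a BitTorrent DHT (KRPC) UDP payload."""
    return (payload.startswith(b"d") and payload.endswith(b"e")
            and b"1:t" in payload and KRPC_TYPE.search(payload) is not None)

def classify(event: dict):
    """Label one telemetry event as 'solana', 'dht' or None."""
    if event["kind"] == "dns":
        name = event["query"].rstrip(".").lower()
        if name == SOLANA_DOMAIN or name.endswith("." + SOLANA_DOMAIN):
            return "solana"
        if name in DHT_BOOTSTRAP:
            return "dht"
    elif event["kind"] == "udp" and is_dht_krpc(event["payload"]):
        return "dht"
    return None

def hosts_using_both(events):
    """Hosts that showed both Solana lookups and DHT traffic."""
    seen = defaultdict(set)
    for ev in events:
        label = classify(ev)
        if label:
            seen[ev["host"]].add(label)
    return sorted(h for h, labels in seen.items() if len(labels) == 2)

# Constructed sample telemetry (hosts are made up; PING is a KRPC ping in BEP 5 form).
PING = b"d1:ad2:id20:abcdefghij0123456789e1:q4:ping1:t2:aa1:y1:qe"
SAMPLE_EVENTS = [
    {"host": "dev-ws-01", "kind": "dns", "query": "api.mainnet-beta.solana.com."},
    {"host": "dev-ws-01", "kind": "udp", "payload": PING},
    {"host": "dev-ws-02", "kind": "dns", "query": "api.mainnet-beta.solana.com"},
    {"host": "dev-ws-03", "kind": "udp", "payload": PING},
    {"host": "dev-ws-04", "kind": "dns", "query": "notsolana.com"},
    {"host": "dev-ws-04", "kind": "udp", "payload": b"\x12\x34\x01\x00"},
]

if __name__ == "__main__":
    print(hosts_using_both(SAMPLE_EVENTS))
```

Either signal alone is common on developer machines, so the overlap is a hunting lead to triage against installed extensions and packages, not a verdict.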