GLASSWORM BOTNET DISRUPTED IN C2 TAKEDOWN

Security researchers successfully disrupted Glassworm, a botnet that attacked software developers as part of supply-chain compromise campaigns. The threat actors used an innovative dual-layer infrastructure combining Solana blockchain transactions with BitTorrent Distributed Hash Table (DHT) networks to maintain control over infected systems. The blockchain-based approach allowed attackers to publish C2 commands as Solana transactions, while the DHT network provided a decentralized fallback mechanism. This redundancy made traditional takedown efforts difficult. The coordinated disruption targeted both layers of the infrastructure, effectively severing communications between the botnet operators and compromised endpoints. Researchers did not disclose additional details about the operation's scope or the number of affected systems. The incident highlights evolving tactics among threat actors leveraging blockchain and peer-to-peer networks to build resilient attack infrastructure that circumvents conventional law enforcement and security responses.