SoS Musings #65 - Open-Source Security: Repository Troubles

SoS Musings #65 -

Open-Source Security: Repository Troubles

There has been a rise in incidents where malicious actors have taken advantage of Python Package Index (PyPI), Node Package Manager (npm), and other software repositories to compromise individuals and organizations and conduct other malicious activities. Sonatype discovered a massive increase in cyberattacks on open-source project ecosystems, recording an average 700 percent increase in repository attacks over the last three years, according to early data from the 8th annual State of the Software Supply Chain Report. Cybercriminals continue to target organizations via open-source repositories in order to exploit flaws in upstream open-source ecosystems. They contribute malware-infected software components, which are distributed via applications used by businesses and consumers. As of September 2022, Sonatype's repository firewall had identified about 55,000 newly published packages in open-source repositories as malicious in the past year, and around 95,000 over the last three years.

The PyPI is a repository of software for the Python programming language, with over 400,000 projects and 600,000 users. In August 2022, PyPI administrators had to remove ten malicious software code packages from the registry. Check Point's Spectralops.io researchers discovered this set of malicious packages on PyPI and determined that they were droppers for information-stealing malware. The packages were designed to look like legitimate code, and in some cases, they imitated other popular PyPI packages. According to the Check Point researchers, the threat actors who placed the malware on the registry had embedded malicious code in the package installation script so when a developer used the "pip" install command to install one of the rogue packages, the malicious code ran undetected on the user's machine and installed the malware dropper. Three of the ten rogue packages appear to have been created by the same threat actor who made multiple malicious Python packages available on PyPI to steal Amazon Web Services (AWS) credentials. In this case, Sonatype discovered malicious Python packages stealing sensitive information such as AWS credentials and sending it to publicly exposed endpoints accessible to anyone. Two of the packages appeared to have mimicked legitimate and popular PyPI projects in order to trick inattentive or inexperienced users into installing them. Sonatype suspected that the two packages 'loglib-modules' and 'pygrata-utils' were designed for data exfiltration, stealing AWS credentials, gathering network interface information, and collecting environment variables. A school-age hacker from Verona, Italy, uploaded multiple malicious Python packages containing ransomware scripts to PyPI, further demonstrating why developers need to be cautious about what they download from public code repositories. The packages' names were all common misspellings of "requests," a legitimate and widely used HTTP library for Python. According to the Sonatype researchers who discovered the malicious code on PyPI, one of the packages, "requesys," was downloaded 258 times, presumably by developers who made typographical errors when attempting to download the actual "requests" package. The package included scripts for traversing and encrypting Windows systems folders such as Documents, Downloads, and Pictures. One version of the malicious "requests" package included plaintext Python encryption and decryption code, but a later version included a Base64-obfuscated executable, making analysis more difficult. Users whose systems were encrypted because of the uploaded ransomware scripts got a pop-up message telling them to contact the package's author on his Discord channel for the decryption key. According to Sonatype, victims were able to obtain the decryption key without having to pay for it.

The npm Registry is a public repository of open-source code packages for Node.js, front-end web apps, mobile apps, robots, routers, and a variety of other JavaScript community needs, which is relied upon by over 11 million developers worldwide. Since npm packages are being downloaded 20 billion times a week, on average, and are installed across numerous web-facing components of software and applications worldwide, they provide a large playing field for attackers. According to researchers at the open-source security and management firm WhiteSource, an average of 32,000 new npm package versions are published every month, and about 68 percent of developers depend upon it to create rich online functionality. The firm had identified over 1,300 malicious packages in the npm JavaScript package repository, that could lead to data theft, cryptojacking, botnet delivery, and more. According to the firm, 14 percent of the malicious packages discovered were designed to steal sensitive information such as credentials, while about 82 percent of those packages performed reconnaissance, which involved adversaries actively or passively gathering information that can be used for targeting. A large-scale supply chain attack targeting Azure developers was observed, with no less than 218 malicious npm packages aimed at stealing Personally Identifiable Information (PII). After JFrog researchers manually inspected some of these packages, it became clear that this was a targeted attack against Azure developers carried out by an attacker who used an automatic script to create accounts and upload malicious packages. The set of malicious packages was disclosed to npm maintainers about two days after they were published, resulting in their removal, but not before each of the packages had been downloaded around 50 times on average.

According to security analysts, the trend of targeting software repositories calls on developers to be cautious when downloading third-party and open-source code from public registries. Beyond package names, software developers should examine release histories, upload dates, homepage links, package descriptions, and download numbers, all of which can help determine whether a package is genuine or dangerous. In addition, it is essential to continue efforts in developing tools capable of detecting and countering malicious attacks on open-source software registries. For example, the Open Source Security Foundation (OpenSSF), an initiative backed by the Linux Foundation, released its Package Analysis tool that can analyze the capabilities of packages on open-source repositories. It looks at the files a package can access, what addresses they connect to, and what commands they run in order to find behaviors indicative of malicious software. OpenSSF's Package Analysis tool also keeps track of changes in packages' behavior over time in order to detect when previously safe software starts acting suspiciously. The project identified over 200 malicious packages uploaded to PyPI and npm in just one month of analysis, with the vast majority of the malicious packages detected being dependency confusion and typosquatting attacks. The Science of Security (SoS) community is encouraged to contribute to such projects aimed at finding malicious code packages snuck onto popular package repositories and other efforts supporting the security of open-source software.