Malicious packages consist of software embedded with code that is capable of causing harm to an entire system or network. This is a rapidly growing threat affecting open-source software and the software supply chain. This attack method has seen a nearly 12,000% increase from 2022 to 2023, as reported by Synk. Some reasons include its technical feasibility, the potential for high returns, and the widespread distribution of open-source offerings,
Common types of malicious packages encompass:
- Windows .exe application installation files that install malware instead of the intended application.
- .deb or .rpm files that install a compromised server to a Linux system.
- A docker container image that includes malicious dependencies.
- A Python package that deploys an insecure version of a Python framework into a development environment.
Malicious package attack vectors
The following are four malicious package infection methods:
- Typosquatting - The threat actor uses subtle typographical errors in the malicious package name to resemble a popular package, often going unnoticed by the victim. These packages are usually registered in repositories such as NPM and PyPI. As prevention of this attack method, some developers register names that resemble the legitimate site, precluding the typosquatters’ opportunities.
- Masquerading - This attack method completely duplicates the code and the metadata of a known package, and a snippet of malicious code is added, thereby creating a Trojan package. Unlike the typosquatting method, this method uses the exact name of a legitimate package to deceive developers through similarity.
- Dependency confusion - Dependency is a piece of software required for a particular program to function. Software dependencies can be either internal or external. In this technique, the threat actor employs a valid name of an internal package for the malicious package and publishes the malicious package on a public repository with a higher version number. Since default package managers tend to prioritize higher version numbers, this practice increases the vulnerability to malicious package attacks.
- Dependency hijacking - In this method, the threat actor compromises a legitimate package and pushes malicious code into it. This is done by taking over maintainers' or developers' accounts or injecting obfuscated malicious code into a legitimate open-source project.
In recent headlines, ChatGPT was a culprit in spreading malicious packages, the technique known as AI package hallucination. This method circumvents typical tactics such as typosquatting and masquerading. ChatGPT sometimes provides non-existent package recommendations to certain coding problems, where the threat actors see the opportunity to substitute unpublished packages with malicious ones.
Why are malicious packages hard to detect?
Determining whether the malicious packages are harmful prior to download and installation is challenging due to the following reasons:
- Public package repositories – These repositories usually don`t require security checks or validations and allow anyone to create repositories and upload packages to them. Unsuspecting users may download those packages, unaware that they are malicious.
- Package installation tools don’t detect malicious packages – A package cannot be declared safe solely based on its successful installation or the absence of warnings from the package manager.
- Lack of package content visibility – Analyzing whether the package is malicious is difficult if the package is a binary file, and manual scanning of individual files and directories within the package does not provide clear indications of a compromise.
- Package dependencies – In some cases, packages may install additional software to meet dependencies. Thus, a single package scan is inadequate to ensure the absence of malicious code on a system.
- DNS spoofing – Threat actors redirect network traffic through seemingly genuine URLs to malicious servers. The target may install the content, unsuspecting that they are from a malicious source.
Best practices to prevent malicious package attacks
- Verify package ownership and authenticity – Verify the package's legitimacy, reputation, and trustworthiness. Look for fake accounts and the accuracy of package names and URLs before installation.
- Scan packages – It is crucial to scan and analyze all package types using relevant tools for malware.
- Inspect DNS settings - Check the DNS server that your package manager is configured with prior to any installation.
- Check functionality changes – Be suspicious of functionality changes across different versions of packages when a version of a package accesses files or systems that the previous one did not access.
- Perform code reviews – Review the package`s source code for vulnerabilities and look for suspicious patterns and unexpected behaviors before including them in your project.
- Verify package checksums – If a repository has published checksums for their packages, make sure to calculate and compare them with the downloaded packages. A disparity in the checksums indicates that the package might be corrupted or you didn`t download the exact copy that was hosted in the repository you trust.
Malicious package attacks are prominent in open-source and third-party software environments that can easily infect an entire system once installed. They incur huge losses and damages to organizations since they are harder to detect and are widely adopted by threat actors due to their technical feasibility. Organizations should adopt proactive measures, secure coding practices, and necessary tools to defend against malicious package attacks and ensure robust cybersecurity.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire.