A sophisticated software supply-chain attack has code-repository users turning to advice that sounds like it’s from the drivers’ ed days: Check your mirrors.
According to a March 25 report from the application-security company Checkmarx, threat actors spread malicious code, using deceptive domains, packages, and cached code replicas known as mirrors hiding the dastardly dependencies. A complex attack against giant, community-based code repositories like PyPI and GitHub is especially difficult for the orgs to contain.
“The open-source websites, the repositories, the ecosystems. In general, they were not originally designed for security for these kinds of threats,” Jossef Harush, head of software supply chain security at Checkmarx, told IT Brew, noting that the threat actors detailed in the company’s March post take advantage of the sites’ lack of vetting of new content.
What happened? In a peaceful, malware-less world, developers and their automated tools would go to a repository like the Python-specific PyPI to download a code package, which often relies on outside links to return package components.
A repository copy known as a mirror allows programmers the opportunity to shed bandwidth and speed up local package installation within a network.
According to the Checkmarx report, threat actors used a fake Python mirror, which deployed a poisoned copy of the popular text package “colorama.” The malware spreaders hosted the malicious mirror under the domain “files[.]pypihosted[.]org,” which is very similar to the trusted, official Python mirror “files.pythonhosted.org.”
“An attacker distributed a malicious dependency hosted on a fake Python infrastructure, linking it to popular projects on GitHub and to legitimate Python packages,” the Checkmarx post read.
The payload, according to the vendor, harvests data (like passwords and credentials) and exfiltrates them to the attacker’s infrastructure.
“What was new with this attack? They impersonated the official Python mirror and created a very similar one by name and by the URL, so it would stay under the radar, and maybe some monitoring tools did not pay attention to it,” Harush said.
Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
A response from repositories. The report did not especially surprise Mike Fiedler, PyPI safety and security engineer, who had already been working on remediating the malware spread and removing the malicious package from the PyPI index. Fiedler contacted domain-registrars regarding the typosquatted domain.
“We can’t secure every single package that is inside the registry, because it’s a public open space where anyone can upload anything. What we have been working on is preventing someone from taking over an existing package,” Fiedler told IT Brew.
PyPI has required two-factor authentication for users. Repositories like GitHub and PyPI rely on encouraging community members to report abuse and spam. (PyPI updated its malware-reporting functionality on March 8.)
A “-provenance” tag, introduced by GitHub in April 2023, “gives consumers a verifiable way to link a package back to its source repository and the specific build instructions used to publish it.”
In 2023, GitHub announced it had over 100 million developers.
GitHub and PyPI repositories provide platforms for social coding and a collaboration and sharing among its enthusiasts—a deceptive attack against such a wide community will likely be a continual challenge for coders and code-maintainers.
And the advice to stop a software supply-chain attack may be another one learned in the school days, well before driver’s ed: Don’t take stuff from people you don’t know.
“It’s very hard to prevent it, unless we educate consumers to stay highly suspicious about what they consume for strangers,” Harush said.