Backstabber's Knife Collection: A Review of Open Source Software Supply Chain Attacks (2005.09535v1)

Abstract: A software supply chain attack is characterized by the injection of malicious code into a software package in order to compromise dependent systems further down the chain. Recent years saw a number of supply chain attacks that leverage the increasing use of open source during software development, which is facilitated by dependency managers that automatically resolve, download and install hundreds of open source packages throughout the software life cycle. This paper presents a dataset of 174 malicious software packages that were used in real-world attacks on open source software supply chains, and which were distributed via the popular package repositories npm, PyPI, and RubyGems. Those packages, dating from November 2015 to November 2019, were manually collected and analyzed. The paper also presents two general attack trees to provide a structured overview about techniques to inject malicious code into the dependency tree of downstream users, and to execute such code at different times and under different conditions. This work is meant to facilitate the future development of preventive and detective safeguards by open source and research communities.

An Examination of Open Source Software Supply Chain Attacks

The paper "Backstabber's Knife Collection: A Review of Open Source Software Supply Chain Attacks" offers a meticulous analysis of software supply chain attacks that exploit open source ecosystems. The researchers analyze a curated dataset of 174 malicious packages distributed through ubiquitous repositories such as npm, PyPI, and RubyGems from November 2015 to November 2019. A primary focus is on the mechanisms and structures of these attacks, facilitating discussions around potential prevention and detection strategies within the field of software development.

The paper underscores the manners in which malicious packages infiltrate existing open source supply chains. Two comprehensive attack trees are proposed, representing the pathways of malicious code injections either through creating entirely new packages or compromising existing ones. Notably, the research outlines that the majority of malicious packages leverage typosquatting—using package names that closely resemble well-known packages with slight alterations—as a significant vector for distribution within ecosystems.

The research reveals concerning statistics: a substantial portion (56%) of malicious packages activate during the installation phase, capitalizing on install scripts that are executed during package installations. This method affects not only the immediate host system but also propagates potential vulnerabilities to downstream users reliant on the package's ecosystem.

Additionally, the paper meticulously examines the intent and execution conditions of this malicious code. Approximately 41% of these packages employ conditional execution, where the malicious payload is triggered only under specified scenarios, often evading detection in sandboxed environments. The primary objectives of the malicious packages are diverse, with data exfiltration leading at 55%, highlighting crucial security concerns around information leakage.

A further dissection into the dataset elucidates the temporal dynamics within the lifecycle of these malicious packages. On average, these packages remain undetected for around 209 days before public advisories report them, indicating a significant period during which end-users are exposed to risks. This highlights a gap in existing monitoring and reactive mechanisms within open source ecosystems—a gap that demands the attention of both repository maintainers and security researchers.

From a defensive strategy standpoint, the paper suggests strengthening existing security practices such as multi-factor authentication for maintainers, disabling install scripts by default, hardening build systems, and enhancing the capabilities of automated detection tools to scan for anamorphic patterns that may highlight malicious packages prior to their dissemination.

In conclusion, as the paper reflects on the implications of malicious packages in open source software supply chains, it provides an indispensable resource for cybersecurity practitioners and researchers. It underscores the need for a robust and proactive approach to securing open source ecosystems. The compilation and meticulous analysis of the dataset not only presents a clear image of historical attack patterns but also serves as a foundation for developing innovative safeguards and fostering further research in software supply chain security. Future efforts should continue to expand and refine this dataset to enhance detection methodologies and contribute to more resilient software development practices.