Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
119 tokens/sec
GPT-4o
56 tokens/sec
Gemini 2.5 Pro Pro
43 tokens/sec
o3 Pro
6 tokens/sec
GPT-4.1 Pro
47 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

The Hitchhiker's Guide to Malicious Third-Party Dependencies (2307.09087v3)

Published 18 Jul 2023 in cs.CR

Abstract: The increasing popularity of certain programming languages has spurred the creation of ecosystem-specific package repositories and package managers. Such repositories (e.g., npm, PyPI) serve as public databases that users can query to retrieve packages for various functionalities, whereas package managers automatically handle dependency resolution and package installation on the client side. These mechanisms enhance software modularization and accelerate implementation. However, they have become a target for malicious actors seeking to propagate malware on a large scale. In this work, we show how attackers can leverage capabilities of popular package managers and languages to achieve arbitrary code execution on victim machines, thereby realizing open-source software supply chain attacks. Based on the analysis of 7 ecosystems, we identify 3 install-time and 4 runtime techniques, and we provide recommendations describing how to reduce the risk when consuming third-party dependencies. We will provide proof-of-concepts that demonstrate the identified techniques. Furthermore, we describe evasion strategies employed by attackers to circumvent detection mechanisms.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (57)
  1. [n. d.]. Build Scripts - The Cargo Book. https://doc.rust-lang.org/cargo/reference/build-scripts.html. [Accessed 30-Jun-2023].
  2. [n. d.]. Chapter 12. Execution — docs.oracle.com. https://docs.oracle.com/javase/specs/jls/se20/html/jls-12.html [Accessed 28-08-2023].
  3. [n. d.]. Chapter 8. Classes — docs.oracle.com. https://docs.oracle.com/javase/specs/jls/se20/html/jls-8.html. [Accessed 28-08-2023].
  4. [n. d.]. Command-line interface / Commands - Composer – getcomposer.org. https://getcomposer.org/doc/03-cli.md#install-i. [Accessed 30-Jun-2023].
  5. [n. d.]. Effective Go - The Go Programming Language. https://go.dev/doc/effective_go. [Accessed 30-Jun-2023].
  6. [n. d.]. Gems with Extensions. https://guides.rubygems.org/gems-with-extensions. [Accessed 30-Jun-2023].
  7. [n. d.]. MITRE ATT&CK; – attack.mitre.org. https://attack.mitre.org/. [Accessed 30-Jun-2023].
  8. [n. d.]. Modules: Packages. https://nodejs.org/api/packages.html. [Accessed 30-Jun-2023].
  9. [n. d.]. npm-install - npm Docs. https://docs.npmjs.com/cli/v9/commands/npm-install. [Accessed 30-Jun-2023].
  10. [n. d.]. package.json - npm Docs. https://docs.npmjs.com/cli/v8/configuring-npm/package-json#scripts. [Accessed 30-Jun-2023].
  11. [n. d.]. pip install - pip documentation v23.1.2 – pip.pypa.io. https://pip.pypa.io/en/stable/cli/pip_install/#cmdoption-only-binary. [Accessed 30-Jun-2023].
  12. [n. d.]. Scripts - Composer – getcomposer.org. https://getcomposer.org/doc/articles/scripts.md#scripts. [Accessed 30-Jun-2023].
  13. [n. d.]. The import system. https://docs.python.org/3/reference/import.html. [Accessed 30-Jun-2023].
  14. 2022. Stack Overflow Developer Survey 2022 – survey.stackoverflow.co. https://survey.stackoverflow.co/2022/#technology-most-loved-dreaded-and-wanted. [Accessed 30-Jun-2023].
  15. 2023. PyPI new user and new project registrations temporarily suspended. https://status.python.org/incidents/qy2t9mjjcc7g?u=l1b53kd6n2rs. [Accessed 30-Jun-2023].
  16. I know what you imported last summer: A study of security threats in thepython ecosystem. arXiv preprint arXiv:2102.06301 (2021).
  17. Nicholas Boucher and Ross Anderson. 2023. Trojan Source: Invisible Vulnerabilities. (2023).
  18. Check Point Research. 2022. Check Point CloudGuard Spectral exposes new obfuscation techniques for malicious packages on PyPI. https://research.checkpoint.com/2022/check-point-cloudguard-spectral-exposes-new-obfuscation-techniques-for-malicious-packages-on-pypi/. [Accessed 30-Jun-2023].
  19. C.S. Collberg and C. Thomborson. 2002. Watermarking, tamper-proofing, and obfuscation - tools for software protection. IEEE Transactions on Software Engineering 28, 8 (2002), 735–746. https://doi.org/10.1109/TSE.2002.1027797
  20. A taxonomy of obfuscating transformations. Technical Report. Department of Computer Science, The University of Auckland, New Zealand.
  21. Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages. In Proceedings of the Network and Distributed System Security Symposium (NDSS).
  22. ENISA. 2022. ENISA Threat Landscape 2022. https://www.enisa.europa.eu/publications/enisa-threat-landscape-2022. [Accessed 30-Jun-2023].
  23. Geek. 2010. Tricky use of static initializer in Java - Override println — geekexplains.blogspot.com. http://geekexplains.blogspot.com/2009/05/tricky-use-of-static-initializer-in.html. [Accessed 28-08-2023].
  24. Paulo Gomes. 2019. Golang: stop trusting your dependencies! https://itnext.io/golang-stop-trusting-your-dependencies-a4c916533b04. [Accessed 30-Jun-2023].
  25. Michael Henriksen. 2021. Finding Evil Go Packages. https://michenriksen.com/blog/finding-evil-go-packages/. [Accessed 11-Jul-2023].
  26. The White House. 2021. Executive Order on Improving the Nation’s Cybersecurity. https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity. [Accessed 30-Jun-2023].
  27. Thomas Hunter II. [n. d.]. Compromised npm Package: event-stream — medium.com. https://medium.com/intrinsic-blog/compromised-npm-package-event-stream-d47d08605502. [Accessed 30-08-2023].
  28. SoK: Taxonomy of Attacks on Open-Source Software Supply Chains. IEEE Symposium on Security and Privacy (SP), 1509–1526.
  29. Risk Explorer for Software Supply Chains: Understanding the Attack Surface of Open-Source Based Software Development. In Proceedings of the ACM Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses (SCORED). 35–36.
  30. Towards the Detection of Malicious Java Packages. In Proceedings of the 2022 ACM Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses (SCORED). 63–72.
  31. Census II of Free and Open Source Software—Application Libraries. Linux Foundation, Harvard Laboratory for Innovation Science (LISH) and Open Source Security Foundation (OpenSSF) 80 (2022).
  32. Marc Ohm. 2020. Backstabber’s Knife Collection. https://dasfreak.github.io/Backstabbers-Knife-Collection. [Accessed 30-Jun-2023].
  33. On the Feasibility of Supervised Machine Learning for the Detection of Malicious Software Packages. In Proceedings of the 17th International Conference on Availability, Reliability and Security. 1–10.
  34. Backstabber’s Knife Collection: A Review of Open Source Software Supply Chain Attacks. In International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA). 23–43.
  35. You Can Run But You Can’t Hide: Runtime Protection Against Malicious Package Updates For Node. js. arXiv preprint arXiv:2305.19760 (2023).
  36. SoK: Analysis of Software Supply Chain Security by Establishing Secure Design Properties. In Proceedings of the ACM Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses (SCORED). 15–24.
  37. Brian Pfretzschner and Lotfi ben Othmane. 2017. Identification of Dependency-Based Attacks on Node.Js. In Proceedings of the 12th International Conference on Availability, Reliability and Security (ARES). 1–6.
  38. Protecting Software through Obfuscation: Can It Keep Pace with Progress in Code Analysis? ACM Comput. Surv. 49, 1, Article 4 (apr 2016), 37 pages. https://doi.org/10.1145/2886012
  39. A study & review on code obfuscation. In 2016 World Conference on Futuristic Trends in Research and Innovation for Social Welfare (Startup Conclave). 1–6. https://doi.org/10.1109/STARTUP.2016.7583913
  40. Adriana Sejfia and Max Schäfer. 2022. Practical Automated Detection of Malicious npm Packages. In Proceedings of the 44th International Conference on Software Engineering (ICSE). 1681–1692.
  41. Michael Sikorski and Andrew Honig. 2012. Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software (1st ed.). No Starch Press, USA.
  42. Sonatype. 2022. 8th Annual State of the Software Supply Chain Report. https://www.sonatype.com/state-of-the-software-supply-chain. [Accessed 30-Jun-2023].
  43. Phylum Research Team. 2022. Phylum Discovers Dozens More PyPI Packages Attempting to Deliver W4SP Stealer in Ongoing Supply-Chain Attack. https://blog.phylum.io/phylum-discovers-dozens-more-pypi-packages-attempting-to-deliver-w4sp-stealer-in-ongoing-supply-chain-attack/. [Accessed 30-Jun-2023].
  44. Sonatype Security Research Team. [n. d.]. Sonatype Stops Software Supply Chain Attack Aimed at the Java Developer Community — blog.sonatype.com. https://blog.sonatype.com/malware-removed-from-maven-central. [Accessed 22-08-2023].
  45. The PyTorch Team. 2023. Compromised PyTorch-nightly dependency chain between December 25th and December 30th, 2022. https://pytorch.org/blog/compromised-nightly-dependency. [Accessed 30-Jun-2023].
  46. Bill Toulas. 2023. Malicious Lolip0p PyPi packages install info-stealing malware. https://www.bleepingcomputer.com/news/security/malicious-lolip0p-pypi-packages-install-info-stealing-malware. [Accessed 30-Jun-2023].
  47. SoK: Deep Packer Inspection: A Longitudinal Study of the Complexity of Run-Time Packers. In 2015 IEEE Symposium on Security and Privacy. 659–673. https://doi.org/10.1109/SP.2015.46
  48. Filippo Valsorda. 2022. How Go Mitigates Supply Chain Attacks. https://go.dev/blog/supply-chain. [Accessed 30-Jun-2023].
  49. Bouke van der Bijl. 2015. Monkey Patching in Go. https://bou.ke/blog/monkey-patching-in-go/. [Accessed 30-Jun-2023].
  50. Steven Vaughan-Nichols. 2022. Linus Torvalds: Rust will go into Linux 6.1 – zdnet.com. https://www.zdnet.com/article/linus-torvalds-rust-will-go-into-linux-6-1. [Accessed 30-Jun-2023].
  51. Jeff Williams. 2009. Enterprise Java Rootkits: ”Hardly anyone watches the developers”. In BlackHat USA.
  52. Wolf at the Door: Preventing Install-Time Attacks in Npm with Latch. In Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security (ASIACCS). 1139–1153.
  53. On Secure and Usable Program Obfuscation: A Survey. arXiv:1710.01139 [cs.CR]
  54. Ilsun You and Kangbin Yim. 2010. Malware Obfuscation Techniques: A Brief Survey. In 2010 International Conference on Broadband, Wireless Computing, Communication and Applications. 297–300. https://doi.org/10.1109/BWCCA.2010.85
  55. What are weak links in the npm supply chain?. In Proceedings of the 44th International Conference on Software Engineering: Software Engineering in Practice (ICSE). 331–340.
  56. Karlo Zanki. 2022. IconBurst NPM software supply chain attack grabs data from apps and websites. https://www.reversinglabs.com/blog/iconburst-npm-software-supply-chain-attack-grabs-data-from-apps-websites. [Accessed 30-Jun-2023].
  57. Small World with High Risks: A Study of Security Threats in the npm Ecosystem. In 28th USENIX Security Symposium (USENIX Security). 995–1010.
User Edit Pencil Streamline Icon: https://streamlinehq.com
Authors (6)
  1. Piergiorgio Ladisa (5 papers)
  2. Merve Sahin (1 paper)
  3. Serena Elisa Ponta (11 papers)
  4. Marco Rosa (5 papers)
  5. Matias Martinez (51 papers)
  6. Olivier Barais (16 papers)
Citations (3)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now
Youtube Logo Streamline Icon: https://streamlinehq.com

YouTube