Supply Chain Attacks Against Open-Source Software Soar



The year 2021 saw a significant increase in software supply chain threats. Attacks surged by more than 300 percent in 2021 compared to 2020, according to a report by Argon Security. Log4j and the VSA tool featured in some of the most well-known assaults.


Apart from that, there was an increase in the criminal use of open-source software repositories, which allowed threat actors to gain access to a software vendor’s network and plant malicious code to launch further assaults. Since February, Sonatype has observed an increase in malicious packages entering several open-source repositories, indicating that this trend remains a substantial concern.

Open-source repositories are being targeted.

Researchers from Sonatype discovered hundreds of counterfeit packages in the npm and PyPI repositories at the beginning of March, which were used to deploy Remote Access Trojans (RATs).

Over 130 typosquatting packages, named after prominent companies, websites and projects, were added to the npm repository to exfiltrate basic information such as username, hostname, IP addresses and OS information.

Aside from that, eight malicious PyPI packages targeted Azure developers and environments using dependency confusion attacks.

More assaults have been detected.

  • In another incident, a set of more than 200 malicious npm packages was discovered targeting Microsoft Azure developers in order to steal their personally identifiable information (PII).
  • The assault was directed at the @azure npm scope as a whole. To remain undetected, the attackers used an automated script to create accounts, which they also used to upload the malicious packages.
  • Checkmarx recently issued a warning about fully automated npm supply chain assaults that injected hundreds of malicious packages into npm.
  • This was the work of a threat actor tracked as RED-LILI. To launch difficult-to-detect dependency confusion attacks, the attacker had fully automated the process of creating an npm account.
  • The threat actor, according to Checkmarx, is still active and continues to distribute malicious packages.


The harsh truth is that open-source software has become a prime target for software supply chain attacks. To withstand such sophisticated assaults, firms should strengthen the security of their software development process. Furthermore, developers who use open-source software must only download code from legitimate upstream sources to avoid pulling malicious code into their builds.


IEMLabs is an ISO 27001:2013 and ISO 9001:2015 certified company and a proud member of EC Council, NASSCOM, Data Security Council of India (DSCI), Indian Chamber of Commerce (ICC), U.S. Chamber of Commerce, and Confederation of Indian Industry (CII). The company was established in 2016 with the vision of providing cyber security to the digital world and making it hack proof. Why are we suddenly talking about cyber security? With the development of technology, more and more companies are shifting their business to the digital world, which is resulting in an increase in cyber crime.
