Attacks on open-source repositories increased massively last year

April 5, 2022
Open Source Repositories Cyberattacks Cyber Threat Vulnerability NPM Packages Supply Chain Attacks

Attacks on open-source repositories and the software supply chain grew massively last year. According to a recent study, such cyberattacks surged by over 300% compared to 2020. The critical Log4J flaw and the VSA tool played a large role in the uptick in supply chain campaigns.

There was also a surge in the malicious exploitation of open-source software repositories, which allowed threat groups to breach a software vendor's network and insert malicious code for follow-on attacks.

These trends are becoming a more serious threat, as a separate researcher has observed a growing number of compromised packages in several open-source repositories since the beginning of the year.


The open-source repositories have been heavily targeted by threat actors recently.


Since early last month, cybersecurity researchers have observed hundreds of fake packages in the npm and PyPI open-source repositories that threat actors used to deploy several remote access trojans.

Threat actors also published more than 100 typosquatting packages in the npm repository, named after well-known brands, projects, and websites, to steal basic user information such as username, IP address, operating system details, and hostname.

In addition, eight more malicious packages used dependency confusion attacks to target Azure developers.

In a separate incident, researchers found a group of over 200 malicious npm packages targeting Microsoft Azure developers to exfiltrate their PII.

The threat actors aimed the campaign at the @azure npm scope. They also created accounts with an automated script and used them to upload the malicious payloads, in order to stay undetected by researchers.
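The two techniques described above, typosquatting of well-known package names and dependency confusion against a package scope, can both be caught at the manifest level before an install runs. The following is an added defensive example, not code from the article or from any of the research groups it cites; the allow-list, the sample package.json and the .npmrc are constructed, and the check treats every scope as needing an explicit registry binding in .npmrc.

```python
# Added defensive example, not code from the article: audit an npm manifest for
# typosquatting and dependency-confusion exposure. Allow-list and sample inputs
# below are constructed; every scope is treated as needing an explicit registry.
import json
import re

# Constructed allow-list of well-known package names the project expects to use.
KNOWN_PACKAGES = {"lodash", "express", "react", "axios", "@azure/identity"}


def levenshtein(a: str, b: str) -> int:
    """Edit distance between two names (insert, delete, substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def scoped_registries(npmrc: str) -> dict:
    """Map '@scope' -> registry URL for '@scope:registry=URL' lines in .npmrc."""
    pins = {}
    for line in npmrc.splitlines():
        m = re.match(r"^\s*(@[\w.-]+):registry\s*=\s*(\S+)", line)
        if m:
            pins[m.group(1)] = m.group(2)
    return pins


def audit(package_json: str, npmrc: str, max_distance: int = 2) -> list:
    """Return (package, reason) pairs for dependencies that need a second look."""
    manifest = json.loads(package_json)
    deps = {**manifest.get("dependencies", {}), **manifest.get("devDependencies", {})}
    pins = scoped_registries(npmrc)
    findings = []
    for name in sorted(deps):
        if name.startswith("@") and name.split("/")[0] not in pins:
            # An unpinned scope may resolve from whichever registry answers first.
            findings.append((name, "scope not bound to a registry in .npmrc"))
        if name in KNOWN_PACKAGES:
            continue
        for known in KNOWN_PACKAGES:
            if levenshtein(name, known) <= max_distance:
                findings.append((name, f"looks like a typosquat of {known}"))
    return findings


# Constructed sample inputs: one typosquat, one unpinned scope, one clean dependency.
SAMPLE_PACKAGE_JSON = json.dumps({"dependencies": {
    "lodahs": "^4.17.21", "@azure/identity": "^2.0.0", "react": "^18.0.0"}})
SAMPLE_NPMRC = "registry=https://registry.npmjs.org/\n"
```

Running `audit(SAMPLE_PACKAGE_JSON, SAMPLE_NPMRC)` flags `lodahs` as a likely typosquat of `lodash` and `@azure/identity` as living in a scope with no registry binding; adding an `@azure:registry=` line to the .npmrc clears the second finding.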

Another cybersecurity group also published an advisory on fully automated npm supply chain campaigns that push large numbers of malicious packages into the npm registry.

Open-source software is currently an attractive target for software supply chain attackers, so all organizations should harden the security of their software development process to deter and counter such attacks.

Open-source software developers should only download code from official upstream repositories to avoid similar attacks involving malicious source code.
