A new supply chain attack has been observed targeting Azure developers through the use of over 218 malicious NPM packages. The goal of these malicious packages appears to be to steal personal identifiable information on the developer’s system where it is executed.
The attack works through typosquatting, which occurs when threat actors publish malicious packages with names mimicking legitimate libraries in an effort to trick users into installing them. In this case, the threat actor created dozens of malicious counterparts with the same name as their existing @azure scope packages but without the scope name in the NPM software registry. For example, if users were to attempt to install the legitimate @azure/core-tracing package, but upon installation omitted the @azure prefix, they would end up installing the malicious package instead. Each malicious package was uploaded using a unique username to avoid raising suspicion and used high version numbers to attempt to carry out a dependency confusion attack. This attack occurs when the build process of an application automatically pulls a malicious version of a private module into it, due to there being a higher version of the software available that is deemed the “latest” version for that package.
When executed, the malicious packages in question were seen listing directories and gathering information on the user’s current directory and IP addresses related to network interfaces and DNS servers. All of this information was then exfiltrated to a hardcoded remote server. All 218 packages have been removed from the NPM registry, with each one having been downloaded around 50 times prior to removal.
When downloading packages from a public registry, it is important to verify what package is being downloaded. This includes double-checking the spelling of the package name, making sure to utilize the scope name for the package that is intended to be installed, and verifying the package name is correct for the package that is needed. Threat actors are increasingly targeting software registries such as NPM or PyPI and relying on the fact that users may make mistakes when typing a package name or guessing at which module name they need. Software company JFrog has released a number of open-source tools that can help audit and monitor NPM dependencies in programs to help determine if there are any suspicious or malicious packages. Using tools such as these can help prevent malicious packages from being executed before being discovered. Protecting private packages using controlled scopes, namespaces or prefixes and utilizing client-side verification features such as version pinning and integrity verification can also help prevent common types of attacks, such as dependency confusion, that these threat actors rely on to get their malicious packages executed on a victim system.