
A Malicious Package Found Stealing AWS IAM Data on npm Has Similarities to the Capital One Hack

Malicious Package on npm Resembles Capital One Hack

In late December 2021, Mend Diffend detected a new release of a package called @maui-mf/app-auth. The package used an attack vector similar to the server-side request forgery (SSRF) attack against Capital One in 2019, in which a server was tricked into making requests on behalf of a remote user, letting the user treat the server as a proxy and reach endpoints that are not publicly accessible.

In the case of the @maui-mf/app-auth package, alongside thousands of lines of ordinary React-related JavaScript, there were a few special lines of code that ran upon installation of the package. That additional code collected host details and performed an HTTP request to a particular endpoint. Both the host and the endpoint path were base64-encoded to make them harder to spot.

Once decoded, it becomes evident that the request targets the Amazon Web Services (AWS) instance metadata service. That service exposes an HTTP application programming interface (API) from which a running instance can retrieve information such as its IP address, its placement within the AWS network, its hostname, and the IAM security credentials of the role attached to it.

In the case of the @maui-mf/app-auth package, the targeted endpoint returned information about the IAM role assigned to the instance from which the request was made. Left unchecked, that data would then be passed to the external domain "microsoft-analytics.net" through a domain name system (DNS) lookup query.

In case you have any doubt, this was malicious activity. While the data collected by this package was not enough on its own to carry out a full SSRF attack, it could give the attacker knowledge of potential vectors for further exploitation. In the parlance of the MITRE ATT&CK framework, this was both an "initial access" and a "discovery" tactic. For instance, by getting the package installed, an attacker could confirm that vulnerable machines do exist and then release a new version of the same package containing exploits for those vulnerabilities. That new version could attempt to elevate privileges by running a second query against the AWS metadata endpoint to obtain the credentials needed for exploitation.
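The two traits described above, an install-time lifecycle script and a base64-obfuscated reference to the AWS metadata service, can be checked for mechanically before a dependency is allowed into a build. The following Node.js scanner is an added example written for this article, not code from Mend or from the malicious package; the package manifest and source snippet it runs against are constructed, and the indicator list and detection thresholds are the author's assumptions.

```javascript
// Added example (not from the Mend post): a heuristic scanner for the two
// traits described above: a lifecycle script that runs on install and a
// base64-obfuscated reference to the AWS instance metadata service (IMDS).
// The sample package and source below are constructed for illustration.

const LIFECYCLE_HOOKS = ["preinstall", "install", "postinstall", "prepare"];

// Plain-text fragments an ordinary application package has no reason to hide.
const IMDS_INDICATORS = [
  "169.254.169.254",
  "/latest/meta-data/",
  "iam/security-credentials",
];

// package.json lifecycle scripts that execute code at install time.
function installHooks(pkgJson) {
  const scripts = pkgJson.scripts || {};
  return LIFECYCLE_HOOKS.filter((hook) => typeof scripts[hook] === "string");
}

// Decode every base64-looking string literal in a JS source and keep those
// that decode to an IMDS indicator. Returns [{ literal, decoded, indicator }].
function findObfuscatedImdsRefs(source) {
  const hits = [];
  const literalRe = /["'`]([A-Za-z0-9+/]{16,}={0,2})["'`]/g;
  for (const m of source.matchAll(literalRe)) {
    const decoded = Buffer.from(m[1], "base64").toString("utf8");
    const indicator = IMDS_INDICATORS.find((ind) => decoded.includes(ind));
    if (indicator) hits.push({ literal: m[1], decoded, indicator });
  }
  return hits;
}

// Flag a package only when both traits are present together.
function assessPackage(pkgJson, sources) {
  const hooks = installHooks(pkgJson);
  const refs = sources.flatMap((src) => findObfuscatedImdsRefs(src));
  return { hooks, refs, suspicious: hooks.length > 0 && refs.length > 0 };
}

// Constructed sample with the same shape as the reported package (not its code).
const SAMPLE_PKG = { name: "sample-app-auth", scripts: { postinstall: "node setup.js" } };
const IMDS_URL_B64 = Buffer.from(
  "http://169.254.169.254/latest/meta-data/iam/security-credentials/").toString("base64");
const SAMPLE_SOURCE = `const target = Buffer.from("${IMDS_URL_B64}", "base64").toString();`;

console.log(JSON.stringify(assessPackage(SAMPLE_PKG, [SAMPLE_SOURCE]), null, 2));
```

Run it against an unpacked tarball by feeding `assessPackage` the parsed package.json and the contents of each .js file; a hit means the package deserves manual review rather than an automatic verdict.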

As with all of Diffend's findings, the researchers at Mend immediately reported the malicious @maui-mf/app-auth package to the npm security team for the sake of the whole open-source software (OSS) community. It is worth noting, however, that 15 hours passed between the package being identified and its removal from npm. During this time, software developers using Diffend were notified that the package was malicious. (If you wish to use Diffend as part of your software supply chain, you can start using the application here.)

To learn more about malicious npm packages identified by Mend, read the npm Threat Report: Popular Javascript Package Registry Is A Playground For Malicious Actors. 


Meet The Author

Maciej Mensfeld

Maciej Mensfeld is the creator of the Mend Supply Chain Defender platform and a Senior Product Manager. He writes about Supply Chain Security and Open Source Software in general.
