One 、 Background introduction

In order to improve the R & D and office efficiency , Reduce time and labor costs , Any enterprise's servers and office computers are inseparable from third-party open source or commercial software . Usually, most enterprises assume that the upstream suppliers are safe , Or in most cases, the security of suppliers cannot be confirmed , Even if you know that the supplier is not so reliable , Its security cannot be enforced , But in order to meet their own needs, they will also compromise to adopt . Therefore, the damage effect of software supply chain attack is destined to be significant , After hackers attack upstream , Controlling the downstream is natural . This kind of attack has strong concealment 、 Wide range of influence 、 High input-output ratio , It has always been a popular penetration management method for malicious attackers , It's also an enterprise 、 Attack scenarios that are difficult for individuals and security teams to completely eliminate .

stay 2021 During the Spring Festival , Published by foreign security researchers Python/Nodejs/Ruby Rely on the security test results of the obfuscation attack , Available Apple、Microsoft、PayPal、Tesla Server control authority of many international well-known enterprises , Get our attention immediately , The urgent follow-up analysis on the same day found that it was lucky that 2020 year 8 Attacks were detected and intercepted in January .

Recently, the author has been working in the “ The fourth iceberg safety closed door meeting ” Shared the team's research experience , This article is about desensitization , It is hoped that more safety practitioners can participate in the exchange and discussion , Jointly respond to malware supply chain attacks , It is also hoped that R & D, operation and maintenance personnel can understand the attack risk of the software supply chain , Treat every third-party software with caution .

With the deepening and upgrading of the means of the attack team in the national security attack and defense drill , from 0/Nday Remote attacks on Internet systems , Go fishing to social workers to attack enterprise employees , Then go to the computer room workplace near source attack , It is believed that this year's software supply chain attack is also indispensable .

Two 、 What is supply chain attack

Hackers attack or forge third-party software and hardware products , Or hijack intermediate traffic to implant Trojans , Even the supplier may reserve a back door , When used by users , Achieve the purpose of attacking users .

Supply chain attack is not a new attack method , It existed at least ten years ago , Only in recent years, there have been many well-known software with a large number of users 、 The hardware is embedded in the back door of the Trojan horse , Wide range of influence , The risks are becoming more and more obvious .

The supply chain attacks discussed here only include deliberate implantation / Reserve a Trojan back door , It does not include cases of unintentional vulnerability . In the development stage 、 Distribution phase 、 Supply chain attacks may occur in the use phase , Let's review some typical cases .

1. Product development stage

1） The source code compilation is contaminated by the attack , Typical cases are ：

2015 year Xcode event ： Using malicious Xcode IDE compiled APP Will be injected with malicious code , Cause in AppStore Released several APP Carry the virus .

2017 year Xshell、CCleaner event ： The official was hacked , Hackers add remote control Trojan code to the source code , The software provided by the government carries the remote control Trojan back door .

2020 year SolarWinds event ：SolarWinds The official was hacked , The software package is tampered with and implanted into the back door ,18000 Customers have installed toxic software , Including many U.S. government units and large enterprises .

2） The supplier reserves a back door , Typical cases are ：

2015 year Juniper VPN Back door incident ： Reserve common SSH password , It can steal the device management permission .

2017 HP notebook audio driver built-in keyboard records back door events ： Reserved keyboard record back door , May cause the user input information to leak .

2017 More than a year Chrome The plug-in is exploded and stored in the back door , Stealing browser user passwords .

2. Product distribution stage

1） Bundle Download , Normal software is bundled with malicious code , Typical cases are ：

2012 year putty The Chinese version of the backdoor incident ： Hackers will putty The user password function of recording input is localized and implanted , After Chinese download and use, a large number of SSH The password was stolen .

2017 In, a famous download station Trojan horse event ： Third party outsourcing personnel implant malicious code into the downloader , Cause users to be implanted with advertising Trojans .

2） Download hijacking , Including the replacement of the official website download link 、HTTP Traffic / Domain name hijacking and other intermediary hijackings 、P2P Cache poisoning hijacking, etc , Typical cases are ：

2013 Taiwan Community Edition Firefox The download connection of the browser's official website was replaced by a malicious Trojan horse by a hacker ,3 Days near 7 Million downloads .

2015 Years of malice Xcode IDE Poison thunder P2P download , Download at Xunlei Xcode May download to a malicious version .

3） Rely on package preemption , Typical cases are ：

2017 More than a year Python/Nodejs The library package is exposed to malicious code , It mainly uses name similarity to mislead users to install , Tens of thousands of hosts are affected by MIS installation .

2020 In, foreign security researchers found that the internal private package names of many internationally renowned enterprises were GitHub、Web Page leak , Later on PyPI/NPM/RubyGems Register and upload the package with the same name , Eventually, the internal servers of these enterprises were forced to install malicious packages and were affected .

4） Logistics chain hijacking , Hardware products （ Like servers 、 The notebook 、U Plate, etc. ） In the process of physical transportation, it is transferred or loaded into the back door of the Trojan horse ：

It is reported that the US National Security Agency NSA Technician Snowden revealed NSA The back door of Cisco Router equipment is implanted by means of logistics chain hijacking .

3. Product use stage

1） Upgrade update hijack , Including the replacement of the official website upgrade program ,HTTP Traffic / Domain name hijacking and other intermediary hijackings , Typical cases are ：

2017 Ukraine MeDoc The software official website upgrade server was attacked and implanted into a Trojan horse , User computer upgrade MeDoc Is implanted NotPetya Blackmail virus .

2） Official cloud control does evil , The official issued an order to control the user's host ：

According to the report 2014 Kaspersky antivirus software collection NSA The employee host file is returned to Kaspersky cloud .

3、 ... and 、 Supply chain hacker attacks with low cost and high yield

Which attack method is the easiest to implement and has a high success rate ？

Throughout the above cases , The author thinks “ Forge suppliers ” Compared with “ Attack suppliers ”、“ Hijack the intermediate link ”, It is the attack mode with the highest input-output ratio . In especial “ Package preemption ”, The attack of preemptive registration of similar package names can spread a net and affect hosts all over the world , The attack of preemptive registration of package names within an enterprise can directionally affect the target enterprise , And go to Python/Nodejs/Ruby It is very easy to upload and release library packages from official sources , Hackers can even achieve automated batch injection and poisoning .

Although the attacks continued to be exposed , But the risk gap is not blocked , Hackers will never let go of such an attack .

1. Preemptive injection of similar package names

2016 year , Foreign security researcher Nikolai Tschacher publish one’s thesis 《Typosquatting programming language package managers》, By scrambling 200 Multiple Python/Nodejs/Ruby Similar package names , In a few weeks, there are 1 More than 10000 computers were forced to install preemptive registration packages , Including U.S. government and Department of defense hosts .

2017 year , Domestic security researcher fatezero publish an article 《Package go fishing 》, Also rush to register dozens of common software package names , In a week's time, there are also 1 More than 10000 computers have been installed .

2. The attack of preemptively registering the package name inside the enterprise

In order to meet the needs of R & D personnel in the enterprise for the management and use of internal private software packages , Each major Internet company will build its own software source within the enterprise to store the self-developed software package , However, if the employee does not specify to download only from the enterprise when installing the self-developed software package , You may encounter packet preemption attacks .

2020 year , Foreign security researcher Alex Birsan Find out Apple、Microsoft And other international well-known companies Github Open source projects and Web There is... In the information leaked by the page “ Enterprise internal software package ” And “ Third party open source software packages ” Mixed dependency configuration , Later on Python/Nodejs/Ruby Register on the official source and upload to “ Enterprise internal software package ” The same name of the pre registration package , And wait for the above company employees to install , Finally, the internal servers of these enterprises installed malicious packages .

3. Common scenarios of packet preemptive injection attacks are summarized

1） The developer did not register the package name at the official source in time , The attacker can register first .

such as 2021 year CuPy The official provided cupy-cuda112 Installation instructions , But not in time PyPI register , Safety researcher's rush note CuPy Be aware of the risk of attack .

2） The developer generates a dependency configuration file that references a package that does not exist in the official source

such GitHub Open source software , The user wants to try to use, but the installation is not successful , Attackers can preempt attacks .

3） The naming of developer packages is not standardized , Users are easily misled .

Because the registered names of some software packages are not consistent with the imported names , Users may install dependent packages according to the error information , The malicious software package was installed incorrectly . such as Python software package tensorflow-serving-api The usage in the code is “import tensorflow-serving.apis”, When the user mistakenly executes “pip install tensorflow-serving” For installation tensorflow-serving-api when , Cause the installation of malicious software packages .

4） When users install well-known software , Hit a well-known name directly by intuition , But in fact, the official package has another name .

For example, for installation OpenCV, The user executes directly according to intuition “pip install opencv”, But the official package name is opencv-python , Cause the installation of malicious software packages .

5） When the user manually taps the installation package name from the command line , Missing or multiple or wrong typing of individual characters , Or inadvertently paste other content , Cause the installation of malicious software packages .

For example 2020 year 7 month 31 Japan , Hackers in Python Official source registration of software package request Package name and upload malicious code , When the user intends to install Python Well known software packages requests But misexecuted “pip install request” when , Cause the installation of malicious software packages .

6） Developer error guidance or user error using unsafe installation options .

For example, enterprise internal packages Xcompany-http Both rely on internal packages Xcompany-sdk And rely on external packages requests, Enterprise employees install Xcompany-http It is highly possible to execute pip install Xcompany-http --index-url https://pypi.Xcompany.com/simple --extra-index-url https://pypi.python.org/simple

because pip Installation mechanism problems , Will download from both sources Xcompany-http、Xcompany-sdk、requests, And select a higher version or a specified version to install , If the enterprise is not PyPI Official source registration Xcompany-http or Xcompany-sdk, Then hackers can rush to register and upload malicious packages to attack employees' computers .

4. Some means for attackers to preempt the package name

In particular, the attacker needs to think about whether the victim will install the pre registered package name , It is similar to the security team thinking about how to better lure hackers into the honeypot . So the attacker is likely to use the following methods , Construct and preempt the package name with high hit rate .

1） Analyze all package names in the official source database

Package name simplification ： For instance from xx-sdk-python To rush to register xx-sdk, from yy-sdk2021 To rush to register yy-sdk, from yy-sdk To rush to register yy or yysdk

The package name is changed back and forth ： For instance from zz-python To rush to register python-zz

2） Analyze how packages are referenced

As mentioned above tensorflow-serving-api The usage in the code is “import tensorflow-serving.apis”, Then the attacker may rush to bet tensorflow-serving.

3） analysis GitHub Name of the open source project 、README.md、 Dependency file

Through analysis README.md Installation and operation instructions for （ Such as pip/npm/gem install command ） And dependency files （ Such as requirements.txt、package.json、Gemfile）, Check whether the relevant packages have not been registered in the official source . If you analyze the official open source projects of the enterprise or the individual open source projects of the enterprise employees , It is possible to discover the internal package name disclosure , There is a great possibility that the target enterprise can be targeted . In addition, the attacker may even preempt GitHub Head Star/Fork Package with the same name of the project , Wait for the fish to bite .

4） Mining websites for leaking information

By scanning all the websites of the target enterprise, such as package.json、requirements.txt、*.js Wait for the documents , Get the target dependent package name , It is possible to carry out targeted attacks on target enterprises .

5） Directly rush to register well-known software names 、 Common nouns

There are millions of well-known software on the Internet , such as C Language development software aaaaa, Some people think pip/npm/gem You can also install , Misoperation pip/npm/gem install aaaaa, Common nouns are similar .

Four 、 Software supply chain attack blue army security drill

The risks and hidden dangers of conducting the Internet software supply chain attack drill are great , First of all, it may be immoral , Preemptive registration of software package names used by others may affect the development of others' projects , Make trouble for irrelevant personnel ;

Second, it may involve unauthorized attacks , Because it is difficult to control the scope of influence , It will affect enterprises and personnel beyond the scope of exercise authorization , It may affect the normal deployment and expansion of the business , Even lead to major failure of business unavailability ;

Then rush to bet “ Poisoning ” The impact of is long-lasting , Even if the malicious package on the official source is deleted in time , However, multiple mirror stations at home and abroad may not be deleted synchronously , Instead, keep malicious packets for a long time .

Therefore, we must be cautious in carrying out blue army security exercises , It is recommended to avoid internet software supply chain attack drills that may affect unauthorized scope .

5、 ... and 、 Software supply chain attack countermeasures

The development of an enterprise is inseparable from the supply chain , Software supply chain attack is a global risk , Completely eliminate the unlikely , We need to treat every upstream supply chain software carefully , Some tips for dealing with prevention ：

For Security personnel

1） Maintain a trusted software warehouse within the enterprise , Try to reduce the number of enterprise personnel downloading software from various unknown channels .

2） Monitor servers and PC Abnormal operation and flow of running software , Even sandbox the software in advance , Take the initiative to identify potential hazards .

3） Comprehensively sort out and maintain the software and hardware information in use by the enterprise , When the supply chain attack is exposed, stop and determine the loss quickly .

For Developer

1） Downloaded through official channels IDE; Software distribution and upgrade adopt HTTPS Wait for encrypted transmission ; Avoid built-in remote control capability ; Regularly check the official website code and execution program for malicious tampering .

2） About preventing packet preemption attacks ： For enterprise internal packages , Can arrive in time PyPI/NPM/RubyGems Wait for the official source to register the package name （ Empty packages can be uploaded to avoid internal code leakage ）, Prevent enterprises from being attacked by preemptive injection ; For open source packages , Also in time to the official source registration and upload the latest code , It is not only convenient for users, but also can prevent users from being attacked .

For User

1） Always maintain the attitude that any foreign software is not completely safe and reliable , Give priority to well-known software with public praise and security awareness .

2） About preventing packet preemption attacks ： Be careful when installing the software , Follow official guidelines to ensure proper installation , For example, pay attention to the spelling accuracy when the command line is typing the command by hand , In case the machine becomes a broiler accidentally .

This article mainly draws from the typical case of supply chain attack that it is easy to implement 、 The scene and means of the phishing attack by the package with high winning rate , The purpose is to remind everyone to pay attention to software supply chain attacks , And then elaborate on some countermeasures and precautions , I hope it can help defend against attacks .

This article mainly draws from the typical case of supply chain attack that it is easy to implement 、 The scene and means of the phishing attack by the package with high winning rate , The purpose is to remind everyone to pay attention to software supply chain attacks , And then elaborate on some countermeasures and precautions , I hope it can help defend against attacks .

The article cannot be formed without Tencent blue army （ The attacker ） And the onion team （ Defender ） Brothers' long-term research and learning summary , Including but not limited to KINGX、pass、neargle、 Starfish 、 Seven nights 、 Conan and other brothers . The contents involved in this article are only used to improve safety awareness , Do not use for illegal purposes , Hurried writing , deficiencies , Please let me know .

appendix ： Reference material

1、Typosquatting programming language package managers

2、Package go fishing

3、 Software supply chain source attack analysis report

4、2017 Review and Prospect of network security threats

5、 The battle of the source , Constantly upgrading the offensive and defensive confrontation Technology —— Software supply chain attack defense exploration

6、 Tencent onion anti intrusion system detected a number of malicious Python Poison in the warehouse supply chain

7、PyPI Official warehouse encounter request Malicious packet poisoning

8、NPM Encounter supply chain poisoning attack to steal K8S Cluster credentials

9、 Yes SolarWinds Think more about the event ： How to defend against supply chain attacks

10、Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies

11、RCE on build server via misconfigured pip install

12、3 Ways to Mitigate Risk When Using Private Package Feeds