 The average amount of malicious packets uploaded to it is 22 packets. Daily average of 22 malicious packets. That's around 2% of the total packets uploaded daily to NPM. Malicious actors are polluting on a regular basis the popular package registries. What can we do about it? As Abraham Lincoln said, the best way to defeat your enemy is by making him a friend. And today we'll try to do it. In the next 30 minutes, we'll fully analyze the latest trends in malicious packets and compare them to the overall evolution of general malware. We'll forecast likely future events around this area and review key tactics to combat these growing threats by analyzing lessons learned from security solutions built for general malware. My name is Daniel Cabez, I'm a vulnerability research team leader and open source security thought leader at MEND, formerly known as white source. For the past decade, I'm working at the cybersecurity industry, starting by being all around there, doing some forensics, incident response, building stuff, then later on I focused on leading malware research and vulnerability research teams. You probably remember the time when malwares were commonly referred with the term viruses incorrectly. At least that's what I remember from the late 1990s and the start of the odds. Back then when you talked with a friend and he told you about a new virus which infected his machine, you were scared it might infect you too. And we've seen people who downloaded stuff on those informal or less known sources who were infected with those viruses. And as the cyberspace developed exponentially, instead of seeing the same exponential growth of those malwares, we've seen some migration of attackers focused towards organizations instead of to individuals' machine. In package ready series these days, we're seeing some features of those early days of malwares where attackers are testing stuff. They are trying some basic malicious techniques or attacking everyone who downloads a package from those informal or less known developers, which is quite similar to those early days of malwares. What we'll have in the session today. You're familiar with malwares in general and how to counter them, so you might know more than you think about malicious packets. And even if you aren't familiar with malwares, at the end of this session you'll know a lot more about malicious packets and malicious techniques by digging into the technical details and seeing the similarities and differences of malicious packets compared to the overall malwares evolution, we can predict where is this thing heading. Let's start from the beginning. The first malicious packets discussed on NPMLog was in 2017. It was a set of 37 malicious packets created by one malicious actor. And it was only one year after security. Good? Good to go. So, as I was saying, it was the very beginning of malicious packets in package registries. And this is quite an old packet from, you know, the beginning of all this talk. And except from how the attacker manipulated the user to download this malicious package, what the attacker did once the package was on the machine. So the attacker just used the script section of the package JSON file to execute the main JS file of the package. This script section is used either by a developer or attackers to run almost any scripts in the installation of a package, either pre-installed, post-installed, in this case it's a post-installed. Then he's using free techniques to achieve his malicious intention. He's creating a post-request and, okay, creating a post-request. He's running process end command to pull user environment variables which contains information such as username, hostname, home dear, and in some circumstances it might contain some environment variables such as keys, tokens or passwords. And then he's using base 64 encoding, but in this case it's not a, say, hiding or evasion technique, it's just a way to transfer data stream across the network. So this, as we mentioned, is quite an old package. So we might ask now, is that what we're seeing in recent days, not what we're seeing in, you know, quite new malicious package? Let's check. So on the slide we're seeing the NPM read me page of malicious package found in the wild recently. It has such a new documentation, right? If you look closely you'll see it's just Latin or gibberish text which really doesn't mean anything. It just looks legitimate for a glance. The attacker is using the Lorm Ipsum technique which is known in the publishing or in graphic design as text, placeholder text which tries to demonstrate the visual form of a document without relying on any meaningful text. Then he added some illustration which again looks legitimate for a quick lens. Except from that attacker is using two evasion techniques in this case. He's using Hex encoding to evade some static detection security tools and in addition he's creating some delayed execution of the malicious code after about one hour after initial installation to evade some dynamic detection security tools. So similar to the previous package that we just seen, the attacker is trying to exfiltrate user private information. In this case he's doing it via DNS web book, via two known web, sorry, DNS lookup to two known web books, PipeDream.net and RequestBean.net. Then he's sending private information which is username, host name, machine name, list of files under the home directory and list of IP addresses configured on the current host. So this is giving us a perspective of the main trend in the malicious package over the years. Now before I'm losing you by digging into more technical details, I want to jump to the most interesting part. The trends analysis of malicious package compared to the overall malware evolution. On the next slides we'll see a visualization of the three main attributes related to any kind of malware which are attack vector, malicious techniques and the objective or the malicious intention of the package or general malware. Starting with malicious package trends. So on the slide we're seeing the attack vector of malicious package and for each year there is a colorful dot which tries to demonstrate how common it was on the same year. And I'll start here with a quick recap of the attack vectors just to differentiate what each one means. So we have brand jacking which is a way of acquires or assuming an attacker requires or otherwise assumes the only identity of a company, product or an owner of a package then inserting malicious code. It doesn't necessarily mean he is actively stealing something but just taking advantage of an opportunity related to the brand name. Next we have dependency hijacking which occurs when an attacker obtains control of a public repository then inserting a new malicious version. We have typosquatting which occurs when an attacker will release a new malicious version to a public repository in the hope that a developer will mistype the popular package name that he meant to pull and will pull the typosquatting malicious package instead. And lastly we have dependency confusion which is again occurring when an attacker release a new malicious version to a new malicious package to a public repository with the same name as some internal package of a company. And it depends on a risky feature or a vulnerability, depends who are in the community, some consider it as a vulnerability, others consider it as a risky feature either way when the developer pulling the company or developer pulling the internal package name it will fetch due to this risky feature the public package instead. So what we are seeing on the slides and the trend on those years we are seeing two attack vectors which are the most common which are typosquatting and brand checking which follow us through the years and except from that we are seeing dependency hijacking and dependency confusion which has much narrow impact on the community and although they are related to brand checking or consider this subtype of brand checking I decided to put them here on different spots because first as I mentioned they have much narrow impact on the community and in addition dependency hijacking is more often actively stealing and dependency confusion as I mentioned is a vulnerability or risky feature which some of their dependency management tools already implemented some mitigation for this. Moving to the malicious techniques of malicious package. So here we have another layer which we can review over the years which is the expertise level which we will see on the next slides too and we can see that related to evasion techniques in this case which attackers in the last few years in malicious package started to use some intermediate evasion techniques in addition to the basic evasion techniques that they are using currently and except from that we are not seeing much of a change over the years we are seeing that the usage volume or the popularity of those malicious techniques have raised but it is in correlation to the general growth of the package registries over those years and you know there are a few rare cases of persistence techniques that being utilized but you can count them on one or two hands. Objective of malicious package. So here we have three objectives and again two of them are the most common one which are reconnaissance and stealing private information and by reconnaissance I refer to any act of gathering information which can be manipulated or sorry can be monetized through a direct individual. And in addition to that we are seeing crypto mining under crypto malware world and it has a narrow impact than the other two much less popular than the other two and few more unique things that we have seen on the last year which aren't mentioned on this slide is first is protestware. Protestware is a malicious software usually not related to any monetization it just derives from you know ideological reasons as a vandalism act and another thing that emerged or have a lot of popularity in the last year is under stealing private information there we are seeing a lot of attackers trying to steal discord premium accounts and for those who aren't familiar discord is a social communication platform. We're moving to malware trends starting with the attack vectors. So here we have informal source usage and social engineering which are the most popular and informal source usage is when you know any act of engaging with the site company or product which clearly doesn't have enough reputation to back up his legitimacy and social engineering is an act of manipulating a user to or via human interactions which is you know relates mainly to phishing that we're seeing these days. Fishing occurs as you know for sure via SMS, social network, emails and I think but under phishing I think the most popular thing popular attack vector is probably to do this via advertising. Advertising exists like everywhere even on legitimate places. This is also referred with the term malvertising and I think it is one of the most undervalued attack vectors under phishing these days and except from that we're seeing of course vulnerable services and brand checking which are still with us all this time but have they are much less popular than the other two. We're moving to the malicious techniques of malware and here we can see I think from a quick lens that there is something different from other slides that were viewed there is a development of the expertise over the years in general malware of course. We're seeing that attackers these days are using advanced invasion techniques, advanced persistence techniques, advanced deployment, communication or execution techniques which is under environment control and on top of that they are even using a vulnerability exploitation to enhance their capabilities on the machine. Next is the objective of general malware and I think on these slides nothing is a big surprise. We're hearing all over the news every day about a new ransomware attack and a crypto miner or crypto stealing that occurred and we're credential or credit card stealing we are seeing that ransomware crypto malware are the most popular and in addition to them we are seeing adwares which adwares it's not malvertising or the advertising attack vector which I mentioned a couple of slides ago it is a malicious software intended to inject ads usually to your browser and it is one of the top objectives currently for general malware and on the other hand like like it is a top objective for the cyber criminals but again for the on the other hand for users or for the security community it is one of the most undervalued objective or something that the community give it enough attention it is one of the silent objective currently for cyber criminals in addition to those we are seeing bots and stealing private information which are still a part of the objectives for malware these days so we reviewed all the malicious techniques attack vectors objectives both for malware and for the malicious package now we can easily put them side by side and see what we're learning from this what what we're seeing from this comparison so starting with the attack vector comparison we're seeing on the malicious package side dependency confusion compared to vulnerable services as I mentioned it is either a risky feature or a vulnerability and this is the place that it sits in this comparison next we have dependency hijacking and brand checking compared to brand checking in general malware and it was of the one of the unique cases where malicious package attack vector has surpassed in popularity when we are comparing to general malware but don't be confused it is just on the how it is popular not not in the way of you know the expertise level that they are using in the malicious package next we have typosquatting which is compared to informal source usage and social engineering and if yes why is because typosquatting should just check who is the owner behind this package you'll clearly see that it's not someone legitimate and regarding social engineering because it depends on a faulty human interaction that mistyping the popular package name that we wanted to get what we're learning from this we're seeing that we should expect an increase in vulnerable services and in social engineering in the few years to come and by vulnerable services are referred to the dependency management tools there we will see and attackers finding more vulnerabilities and by that exploiting them and uploading more malicious package and regarding social engineering in general we will see attackers utilizing more techniques in the near future malicious techniques comparison so here we are seeing from a quick lens a few holes on the malicious package side but starting with evasion so attackers these days in malicious packets are using quite basic or you know few intermediate evasion techniques like as we've seen before base 64 encoding and hex encoding delay execution and when we are comparing it in what is happening in general malware there we are seeing advanced evasion techniques being utilized on a regular basis on almost every malware we are seeing anti-vm, anti-reverse engineering, files and registry queries and the least for advanced evasion techniques in general malware are very long persistence I don't know why but attackers in malicious packets are very persistent by continually releasing new malicious packets to the package registry that we love and but they aren't using any persistence techniques in the malicious package that they are sharing and again there are a few exceptions but you really can count them on one or two hands and when we are comparing it to general malware we are seeing that attackers are using advanced persistent techniques they are using scheduled tasks and browser extensions and again the least for advanced persistent techniques that being utilized in general malware are very long vulnerability exploitation so in malicious packages we are seeing attackers gathering information related to vulnerabilities but we aren't actually seeing them exploiting them and when again we are comparing it what is happening in general malware we are seeing attackers using a lot of real exploitation to enhance or to get a better grasp on the network or the machine that they infected and lastly for this comparison we have environment control which related to communication execution deployment on the machine that we are seeing in general malware advanced techniques that are very hard to detect analyze or to counter after the the machine was infected with the malware and comparing to what is happening on malicious packet where we are seeing network communication basic network communication techniques being utilized all the time print post install script shell commands and we're seeing something repetitive something that's happened again which is quite easy to detect or to counter or to analyze and that's quite it and what we are learning from this comparison so we are learning that for evasion we should expect that attacker will use more advanced techniques and it will happen sooner we think regarding evasion for persistence well maybe not advanced persistence for start but we will see attackers utilizing persistent techniques more commonly in malicious packets vulnerability exploitation is one of the hardest things to achieve so and you know it's not much useful in all in the general circumstances so we might see attackers utilizing some vulnerability exploitation but it will happen like when a new vulnerability which is wide in widely popular product which is easy to exploit will emerge like you know a new log for shell attack vulnerability and lastly we have environment control there we will see attackers using more diverse attacks more methods more advanced methods in the near future objectives next so again we have a few holes on the malicious packet side where we are not seeing much or even at all some of the objectives that we're seeing in general malware so ransomware I think we've seen like one or two in the last five years cases of ransomware in malicious packets but it can be compared to what is happening in general malware where attackers are seeing the huge incentive behind ransomware and implementing you know and it is one of the top objectives in general malware crypto malware compared to crypto mining so in general malware attackers are utilizing or trying to get the malicious intentions of crypto stealing and crypto mining and it is the one of the top objectives of the general malware of cyber criminals in general malware and the malicious package where many seeing crypto mining which you know is currently is a bit less less popular it is have less incentive behind it crypto mining these days because crypto stealing is much more easier and you are gaining a lot more so we're seeing mainly crypto mining and malicious packets and a few cases of crypto stealing next we have adwares which we aren't really seeing in malicious packets and again it is a top objective for general malware and we have bots which we are seeing a few very cases of malicious packets and lastly is stealing private information sitting with reconnaissance and compared to the general stealing private information of general malware and again we have one of the unique cases where this objective is surpassing by by popularity for the malicious packets and you know for reconnaissance we aren't even seeing that on general malware and it is because it clearly doesn't have enough incentive behind it and it is it will probably be one of the things that we will see a decrease of popularity in the future in malicious packets so what we're learning from this comparison we're learning that regarding ransomware attackers will understand what what is the obstacles in their path in implementing it currently in package various fees because it has a huge incentive behind it so they will figure out you know in this cat and mouse game of attackers versus the security community how to achieve this in some malicious packets in the future crypto jacking so and specifically crypto jacking we will see an increase of the popularity of it and again it is I mentioned it in the last slide has more incentive than crypto mining it will see either migration of crypto miners to crypto stealing or in addition to that we'll see it more popular objective and lastly we have adware which is not the easiest thing to achieve in malicious packets you know in package various trees because eventually those packets are used in developer environment in the back end so it is not so close you know to the end user that's using is in the daily basis the browser and you know this is the most convenient place for adwares so we might see it in the in the near future we will see it in the near future but it won't be a top objective for attackers in malicious packets summarizing the malicious trends the the problem side so what we are seeing from our analysis today is that attackers in malicious packets or malicious packets when they are compared to general malware they are very similar and you know it is quite quite obvious it is quite quite an obvious thing and because eventually both of them are malwares it's just a new attack surface but we are seeing in our analysis today that what the work that is happening currently in malicious packets and their malicious techniques attack vectors their objective is much more similar to what happened in the general malwares years ago or even a decade ago and now I can't you know discuss in this session only about the problem only about the malicious techniques and I want to give a spot to the security solutions and see if we are seeing any correlation between what is happening in the in the this comparison of the malicious techniques to the security solutions let's check let's review the comparison or the security solutions of malicious packets to general malware so here I spared you the time we know referring to all the security solutions like edrxdr and mdr epp and you know I didn't explain like each capability here on the slide and we are just seeing the jumping to the comparison so and and I wanted to add here you know the expertise level chain because difference between what is happening in general malware to malicious packets but happily there isn't such a difference security solutions for malicious packet developed very quickly you know it's it's a tough surface that that is new and there is the last few years we are seeing it emerging and what we're seeing that is that they built very fast but not just a quick fix or you know something that is giving a fair solution no they guarded all the information from the past events from security solutions build for general malware and build something that give a high response time and high detection rate and really it is a happy thing to see but of course you know general malwares are security solutions for general malwares are much more mature and you know they can handle some more edge cases and we can see that with artificial intelligence where in general security solution for general malwares it is a very mature thing which is currently used almost in any security solution and when we are comparing it to malicious packet security solutions it is in its very beginning currently and we need to remember it is still again a cat and a mouse game of attackers versus the security solutions which will evolve and will change and we need to keep on top as we've seen attackers will evolve and change their ways in the near future so I added here another thing that I want to you know we've talked a lot about the malicious techniques about all those malicious stuff and problems so I want to add with a few end this session with a few best practices to handle all those malicious packets so first deploy a tool to review or to you know know from where this package is from what is the package sources verify them and on the same note you know don't install a packet without verifying it without running the assessment and in addition one thing that worth mentioning is give it a delay time eventually it takes you know a couple of minutes seconds or even some cases there is need for a security analyst to review what is happening before categorizing it as a malicious package so don't deploy it to your production of course but don't even install it in your development environment before you are running all this assessment regarding abandoned package either abandon them or if you can take them over and lastly educate and protect the entire development cycle and start starting from the developer themselves getting back to the quote from the start of this session the best way to defeat your enemy is by making him a friend I hope today you've learned how to defeat this enemy and this is the males of a mobility research team and my email feel free to reach out with any questions you might have give you second to take a picture and thank you really thank you for your time thank you for listening moving to our q&a section yes I think you're marking a great point because eventually it is a different attack surface a bit like it is more focused currently on specific companies or you know companies that are utilizing package package in package registries and not in general attack surface of general malware is where we are seeing like you know maybe even countries involved or different stuff and so I hope I'm answering a question the focus it might be more relevant to organizations but I think what we are clearly seeing that is that there are more testing stuff there are more trying stuff they aren't sure that they even want incentive in some cases and if they want incentive they're just using some basic basic techniques or trying you know to achieve the MVP to to see how how it's work currently and this is this is a bit you know funny to see that in five years development we I expected to see something different already in this year so we are using the data that we gathered in our our internal supply chain security tool which is gathering information from melee npm and ruby gems in the last three or four years oh that's a really great question I you know I can try to to guess a bit but I don't have this number we I'm not sure that anyone knows a precise number but I think the vandalism acts that we're seeing you know some denial of service or packages that are part of you know the the the whole integration of the some companies it is costing them a lot of man hours times or changing that clearly infecting and you know costing the the entire community's money and we are adding to that all the crypto miners and stuff that are running quite silently on some machines so it it can be compared again to general malware but there is some some money behind that and but they can give a guess even on the number to reduce the risk via that so you know yes because you you you are seeing the information more more clearly with these ways and it might take some time if you are depending only on this because you want the security solution that evolving very quickly as I mentioned and have enough response time but it is a layer that's helping to to you know reviewing this this segment of package registries yes that's again you have great questions and that's I think this is an issue in the general community if if I get if I'm understanding your question if not let me know and regarding you know categorizing all those malicious packets with something similar to vulnerabilities which we have cv is currently that that's what you meant yeah so in the past mitres suggested some solution for that which is the cwe program I think if I'm not wrong or cme program which felt like they stopped using it stopped supporting it I think in something like 2008 regarding general malware and this is the thing that I think the community need to to think about we are thinking currently about it how we can support it more the community with categorizing these malicious packets and this is not an easy task you know I said abilities because attackers can as we've seen 22 malicious packets daily and and and can be and can raise dependent on how their community will focus that so it is not an easy task to you know giving all of those and ideas related to that but we currently in our company we are categorizing it via the hash which I think is what is happening you know in various total and in the general community on malware but again this is a great question which we are currently in the community talking about and seeing if there is a better solution yes and use this what sorry yep so we will clearly see and malicious packets utilizing and exploiting vulnerabilities because you know I think even for for proof of concept for attackers they will want to to show what they have what they what they got and even if as I mentioned it is not the most easiest thing or you know the most thing that they earned from that something and so we will see and regarding if they'll use in our and very all the vulnerabilities from windows environment or stuff I think they'll use whatever is easiest and the thing that will that we that they'll can earn the most from that like spreading more and hence intercapabilities more or again showing that they can do something that hurting a company or a product very heavily yes oh sorry I think okay last question yeah and so package release free is currently are doing stuff to you know counter all those things but 20 malicious packets a day or just on npm is is a lot so I think we should consider this community how to you know enhance the this this method you know maybe of how easy it is currently to upload malicious package to to those package registries you know we just need a mail and quite that that's quite it to upload currently a package for an npm for npm for example so there is work there but they are they are doing the best I'm sure so sorry but we will need to finish the session and really thank you everyone