A new supply chain attack technique targeting the Python Package Index (PyPI) registry has been exploited in the wild in an attempt to infiltrate organizations: its name is "Revival Hijack".
Revival Hijack: What is this attack and how does it work?
This attack has been dubbed "Revival Hijack" by software supply chain security firm JFrog, which said that the technique could be used to hijack 22,000 existing PyPI packages and result in "hundreds of thousands" of malicious package downloads. The packages counted as vulnerable have more than 100,000 downloads or have been active for more than six months.
"This attack technique [Revival Hijack] consists of hijacking PyPI software packages by manipulating the option to re-register them once they are removed from the PyPI index by the original owner," JFrog security researchers Andrey Polkovnychenko and Brian Moussalli said in a report.
At its core, Revival Hijack relies on the fact that Python packages published to PyPI can be removed by their owners, at which point their names become available for registration by any other user.
Statistics shared by JFrog show that about 309 packages are removed each month on average. Packages may be removed for several reasons: lack of maintenance (i.e., abandonment), republishing the package under a different name, or the same functionality being absorbed into official libraries or built-in APIs.
Revival Hijack Attack and Possible Data Theft on the Horizon
This represents a lucrative attack surface, more effective than typosquatting, which an attacker could exploit by using their own account to publish a malicious package under the same name with a higher version number in order to infect developers' environments.
"The technique does not rely on a victim's error during package installation," the researchers said, noting that Revival Hijack may yield better results from an adversary's point of view. "Upgrading a 'once safe' package to its latest version is considered a safe operation by many users."
While PyPI has safeguards against author impersonation and typosquatting attempts, JFrog's analysis found that running "pip list --outdated" lists the hijacked package as a new version of the original package, even though the new release is a completely different package from a completely different author.
Even more worrying, running "pip install --upgrade" replaces the real package with the fake one without any warning that the package author has changed, potentially exposing unwitting developers to a huge software supply chain risk.
JFrog’s conclusions
JFrog said it has created a new PyPI user account called “security_holding” which it used to safely hijack vulnerable packages and replace them with empty placeholders, thus preventing cybercriminals from exploiting the removed packages.
Furthermore, each of these packages was assigned the version number 0.0.0.1, the opposite of a dependency confusion attack scenario, so that they are not retrieved by developers when running a pip update command.
Even more disturbing is the fact that Revival Hijack has already been exploited in the wild: an unknown threat actor called Jinnis introduced a benign version of a package called "pingdomv3" on March 30, 2024, the same day the original owner (cheneyyan) removed the package from PyPI.
On April 12, 2024, the new developer is said to have released an update containing a Base64-encoded payload that checks for the presence of the environment variable “JENKINS_URL” and, if present, executes an unknown next-stage module retrieved from a remote server.
"This suggests that the attackers either delayed the delivery of the attack or designed it to be more targeted, possibly limiting it to a specific IP range," JFrog said.
Luckily, the Revival Hijack attack does not appear to have caused irreparable damage
The new attack is a sign that cybercriminals are aiming for larger-scale supply chain attacks, targeting deleted PyPI packages to expand the reach of their campaigns. Organizations and developers are advised to inspect their DevOps pipelines to ensure they are not installing packages that have already been removed from the repository.
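One way to act on that advice is to compare what PyPI currently reports for each pinned dependency against what the lockfile knew when the dependency was first added. The following script is an added example, not code from JFrog or from the original article. The PyPI JSON responses and the lockfile record it consumes are constructed samples, and the `first_pinned` / `author` fields of the lockfile record are hypothetical (in practice they would be derived from the lockfile's git history). It flags a dependency whose entire PyPI release history postdates the date it was first pinned, which is exactly what a delete-and-re-register leaves behind, and separately flags an author string that no longer matches.

```python
"""Flag PyPI dependencies that look re-registered ("revived") after deletion.

Heuristic: when a project is deleted from PyPI and re-registered by someone
else, its release history starts over, so the earliest upload time PyPI
reports is later than the date we first pinned the package. An author change
between the lockfile record and the current metadata is a second signal.
"""
import json
from datetime import datetime, timezone

# Constructed samples shaped like the PyPI JSON API (https://pypi.org/pypi/<name>/json).
# Project names, dates and author strings are illustrative, not real projects.
SAMPLE_PYPI_JSON = {
    "revivedpkg": json.dumps({
        "info": {"name": "revivedpkg", "author": "new-maintainer", "version": "2.0.0"},
        "releases": {
            "1.9.0": [{"upload_time_iso_8601": "2024-03-30T10:00:00.000000Z"}],
            "2.0.0": [{"upload_time_iso_8601": "2024-04-12T08:00:00.000000Z"}],
        },
    }),
    "steadypkg": json.dumps({
        "info": {"name": "steadypkg", "author": "original-dev", "version": "3.1.0"},
        "releases": {
            "3.0.0": [{"upload_time_iso_8601": "2021-05-02T12:00:00.000000Z"}],
            "3.1.0": [{"upload_time_iso_8601": "2023-11-20T09:30:00.000000Z"}],
            "3.2.0rc1": [],  # a release with no files must not break the check
        },
    }),
}

# Constructed (hypothetical) record of what the lockfile knew when each
# dependency was first pinned; derive it from the lockfile's git history.
LOCK_RECORD = {
    "revivedpkg": {"first_pinned": "2022-06-01", "author": "original-dev"},
    "steadypkg": {"first_pinned": "2022-06-01", "author": "original-dev"},
}


def parse_upload_time(stamp):
    """PyPI emits e.g. 2024-03-30T10:00:00.000000Z; return an aware datetime."""
    return datetime.fromisoformat(stamp.replace("Z", "+00:00"))


def earliest_upload(project):
    """Oldest upload time across all release files, or None if there are none."""
    stamps = [
        parse_upload_time(f["upload_time_iso_8601"])
        for files in project["releases"].values()
        for f in files
    ]
    return min(stamps) if stamps else None


def check_revival(name, project, record):
    """Return a list of findings for one dependency (empty means no signal)."""
    findings = []
    first_pinned = datetime.fromisoformat(record["first_pinned"]).replace(tzinfo=timezone.utc)
    oldest = earliest_upload(project)
    if oldest is None:
        findings.append(f"{name}: no release files on PyPI")
    elif oldest > first_pinned:
        # Every release on PyPI postdates our first pin: the history was reset,
        # which is what a delete-and-re-register leaves behind.
        findings.append(
            f"{name}: earliest PyPI upload {oldest.date()} is after first pin {first_pinned.date()}"
        )
    current_author = project["info"].get("author")
    if current_author != record["author"]:
        findings.append(f"{name}: author changed {record['author']!r} -> {current_author!r}")
    return findings


def audit(pypi_json_by_name, lock_record):
    """Map dependency name -> findings; only suspicious dependencies appear."""
    report = {}
    for name, record in lock_record.items():
        project = json.loads(pypi_json_by_name[name])
        findings = check_revival(name, project, record)
        if findings:
            report[name] = findings
    return report


if __name__ == "__main__":
    for dep, notes in audit(SAMPLE_PYPI_JSON, LOCK_RECORD).items():
        print(dep)
        for note in notes:
            print("  -", note)
```

The release-history check is the stronger of the two signals: the author field is free-form metadata that a hijacker can copy from the original package, so a matching author proves nothing, while a history that begins after your first pin cannot be explained by a legitimate maintainer continuing the same project.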
"Using a vulnerable behavior in the handling of removed packages allowed attackers to hijack existing packages, making it possible to install them on target systems without any change in the user's workflow," said Moussalli, Team Lead of Security Research at JFrog.
"The attack surface of PyPI packages is constantly growing. Despite proactive intervention in this case, users should always remain vigilant and take the necessary precautions to protect themselves and the PyPI community from this hijacking technique."