Hundreds of code libraries posted to npm try to install malware on dev machines
ReversingLabs
Welcome to the latest edition of Chainmail: Software Supply Chain Security News, which brings you the latest software security headlines from around the world, curated by the team at ReversingLabs .
This week: Hundreds of code libraries posted to npm try to install malware on dev machines. Also: Critical flaws in the Ollama AI Framework could enable DoS, model theft, and poisoning.
This Week’s Top Story
Hundreds of code libraries posted to npm try to install malware on dev machines
Phylum researchers discovered an ongoing campaign in which threat actors are uploading hundreds of malicious packages to the npm repository in an attempt to infect the devices of developers who rely on code libraries there. To deceive their targets, the malicious packages carry names similar to those of legitimate and popular libraries such as Puppeteer, Bignum.js, and other code libraries meant for working with cryptocurrency.
The malicious packages are presented in the form of a packed Vercel package, and use a novel way to conceal the IP address the devices contact to receive the malicious second-stage malware payloads – making it difficult for the victim to spot the infection. Once downloaded, the malicious code is written in a way that allows it to access an Ethereum smart contract to “fetch a string, in this case an IP address, associated with a specific contract address on the Ethereum mainnet (main network),” researchers noted. The mainnet in this case is the Ethereum cryptocurrency’s primary blockchain network, the one that supports real transactions.
Researchers found that upon accessing the IP address associated with the mainnet, the malware “performs a handful of requests to fetch additional JavaScript files and then posts system information back to the same requesting server.” The victim’s stolen system information includes details about the GPU, CPU, the amount of memory on the machine, the username and the operating system version, researchers noted.
This campaign uses typosquatting – a technique in which attackers copy the name of a legitimate package and slightly misspell it in an effort to trick victims into downloading their disguised, malicious package. Typosquatting is a very popular technique used by threat actors across various open source repositories, and it’s essential that developers use extra caution and care to double-check the legitimacy of any package they intend to download. (Ars Technica)
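One way to act on that advice before a package is installed, as an added example that is not part of the original article or of Phylum's research: score each dependency name in a package.json against a list of well-known package names and flag near-misses. The popular-package list, the sample package.json and the edit-distance threshold are constructed assumptions for this demo.

```javascript
// Added example, not from the article: flag dependency names that are a small
// edit away from a well-known npm package, the pattern typosquatting relies on.
// POPULAR and SAMPLE below are constructed for the demo; a real check would
// draw the list from the registry's download statistics or an allow-list.
const POPULAR = ["puppeteer", "bignumber.js", "ethers", "web3", "lodash", "express"];

// Edit distance with insert, delete, substitute and adjacent transposition,
// so dropped letters ("pupeteer") and swapped letters ("lodsah") both score 1.
function editDistance(a, b) {
  const d = Array.from({ length: a.length + 1 }, (_, i) =>
    Array.from({ length: b.length + 1 }, (_, j) => (i === 0 ? j : j === 0 ? i : 0)));
  for (let i = 1; i <= a.length; i++) {
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      d[i][j] = Math.min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost);
      if (i > 1 && j > 1 && a[i - 1] === b[j - 2] && a[i - 2] === b[j - 1]) {
        d[i][j] = Math.min(d[i][j], d[i - 2][j - 2] + 1);
      }
    }
  }
  return d[a.length][b.length];
}

// Strip an npm scope so "@someone/puppeteer" is compared as "puppeteer";
// a scoped copy of an unscoped popular name then scores 0 and is flagged.
function bareName(name) {
  return name.replace(/^@[^/]+\//, "").toLowerCase();
}

// Returns [{dependency, lookalike, distance}] for every dependency that is not
// exactly a popular package but is within maxDistance edits of one.
function findTyposquats(packageJson, maxDistance = 2) {
  const deps = { ...packageJson.dependencies, ...packageJson.devDependencies };
  const findings = [];
  for (const dep of Object.keys(deps)) {
    if (POPULAR.includes(dep.toLowerCase())) continue; // exact match: the real package
    const candidate = bareName(dep);
    for (const known of POPULAR) {
      const distance = editDistance(candidate, known);
      if (distance <= maxDistance) findings.push({ dependency: dep, lookalike: known, distance });
    }
  }
  return findings;
}

// Constructed package.json: one genuine dependency and two lookalikes.
const SAMPLE = { dependencies: { puppeteer: "^23.0.0", pupeteer: "1.0.0", "bignumbr.js": "2.0.0" } };
```

Findings with distance 0 indicate a scoped package reusing a popular unscoped name; distance 1 or 2 are the classic misspellings the article describes.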
This Week’s Headlines
Critical flaws in Ollama AI Framework could enable DoS, model theft, and poisoning
Researchers from Oligo Security have disclosed six security flaws in the Ollama artificial intelligence (AI) framework that could be exploited by a threat actor to perform denial-of-service (DoS), model poisoning, and model theft attacks. Ollama is an open source platform that allows users to deploy and operate large language models (LLMs) locally on Windows, macOS and Linux operating systems. Researchers assert that attackers will only need a single HTTP request when exploiting the six vulnerabilities together to pull off each of these attack types and more. This discovery from Oligo comes just four months after cloud security firm Wiz disclosed a severe flaw impacting Ollama (CVE-2024-37032) that could have been exploited to achieve remote code execution. (The Hacker News)
OWASP expands GenAI security guidance
The Open Worldwide Application Security Project (OWASP) has released an updated generative AI (GenAI) security guidance that includes guides for handling DeepFakes, building an AI Security Center of Excellence, and a GenAI Security Solutions Guide. This move from OWASP is meant to provide actionable guidance and resources for organizations to identify and manage the risks to securely adopt, deploy and manage LLM and GenAI applications. OWASP’s Top 10 for LLM Risks and Mitigations has become a major project with involvement from 500 experts across 110-plus companies that work closely with standards set by the U.S. National Institute of Standards and Technology (NIST) and MITRE. (OWASP)
Kicking dependency: Why cybersecurity needs a better model for handling OSS vulnerabilities
AppSec expert and leader Chris H. argues in this piece for CSO that most organizations are still immature when it comes to identifying open source dependencies, which he believes can usher in a host of problems when dealing with vulnerabilities. Along with being unable to identify these risks, Hughes notes that organizations also lack the proper understanding of relevant vulnerabilities, and don’t have a clear strategy for prioritizing the mitigation of them. This leads to greater issues between security and developer teams, in that developers will reap the consequences of an immature OSS vetting strategy in the form of greater toil and noise, Hughes notes. Continue reading to gain context into why this lack of maturity among organizations is so widespread, and how your AppSec team can make the improvements it needs to handle OSS risks. (CSO)
Nokia: No evidence so far that hackers breached company data
Mobile device maker Nokia is investigating an alleged cyberattack in which threat actors claim to have stolen sensitive internal data. However, the company says that so far there is no evidence that either its data or systems were affected by a breach. Despite this assertion from the company, threat actor group IntelBroker claimed responsibility for the incident, and shared that they were able to hack Nokia via the breach of a third-party contractor linked to the company’s internal tool development. Hackers claimed that they stole a plethora of internal data from Nokia, including SSH keys, source code, and internal credentials, which they put up for sale on the BreachForums cybercrime site for $20,000. (Dark Reading)
Survey surfaces software supply chain security gains
A new survey of 106 software supply chain security leaders commissioned by Anchore found that more than three-quarters of respondents (76%) work for organizations that have made software supply chain security a significant or top (24%) priority. Respondents also reported that the top three challenges their organizations are encountering are verifying the security of third-party software (46%), the security of OSS (42%) and the security of the development toolchain (34%). On the flip side, organizations are looking to better prioritize open source risk (31%), automate scans across the software development lifecycle (26%), and improve the security of the DevOps toolchain (17%). (DevOps.com)
For more insights on software supply chain security, see RL Blog.
The Best of RL
Blog | Spectra Assure Malware Detection in ML and LLM Models
RL is proud to introduce a major update to our Spectra Assure product, with enhanced capabilities for detecting and mitigating ML malware. This new feature is designed to safeguard your machine learning models from threats posed by malicious actors who exploit unsafe serialization formats to distribute malware. Continue reading to learn more. [Read It Here]
Webinar | YARA Rules 101
November 14 at 11 am ET
For over a decade, RL experts have been identifying key threats in the wild and creating open source YARA rules to spot them. In this webinar, hear directly from our experts about the role YARA rules can play in identifying threats, what distinguishes high-quality YARA rules from low-quality ones, and how to write and use YARA rules to meet your threat hunting and detection needs. [Register Here]
Webinar | Exposing Software Supply Chain Weaknesses
November 20 at 12 pm ET
IDC's latest DevSecOps research documented a staggering 241% increase in software supply chain attacks. Join special guest speaker Katie Norton of IDC to dive into the firm’s findings, unpack trends in attacker behavior, and learn actionable steps to help safeguard your organization from these rising threats. [Register Here]
For more great conversations to watch, see RL’s on-demand webinar library.
2 weeks: ReversingLabs thanks for sharing this. It is amazing how effective this typosquatting campaign is and how difficult it is for developers to verify the correct name of a package/library before using it. Maybe AI could help reduce this issue.