(Disclaimer: I'm one of the co-founders at Phylum)
Our system has been alerting us to this actor's activities all morning (beginning sometime last night). They have been wildly active, and have continued to publish packages as we've worked to get them removed.
Interestingly, they have ported the Python bits to Javascript and have started publishing to NPM as well. Exact same TTP, crossing two ecosystems.
Our platform monitors these ecosystems, scanning packages for signs of risk as they are published. This way we can get them removed before they impact the wider open source community. We currently support Javascript, Typescript, Python, Ruby, Java, C# and recently just rolled out Golang and Rust support into beta.
We believe in a defense in depth approach to supply chain security and have also published an open source sandbox that limits access to the filesystem, network, disk and environment variables.
This attack is particularly interesting. The attackers targeted the massively popular 'requests' package in PyPI, used bitsquatting to target typosquat candidates, and results in ransomware getting deployed.
Plug: I've been building Packj [1] to address exactly this problem. It offers “audit” as well as “sandboxing” of PyPI/NPM/Rubygems packages and flags hidden malware or "risky” code behavior such as spawning of shell, use of SSH keys, and mismatch of GitHub code vs packaged code (provenance).
Our system has been alerting us to this actor's activities all morning (beginning sometime last night). They have been wildly active, and have continued to publish packages as we've worked to get them removed.
Interestingly, they have ported the Python bits to Javascript and have started publishing to NPM as well. Exact same TTP, crossing two ecosystems.
Our platform monitors these ecosystems, scanning packages for signs of risk as they are published. This way we can get them removed before they impact the wider open source community. We currently support Javascript, Typescript, Python, Ruby, Java, C# and recently just rolled out Golang and Rust support into beta.
We believe in a defense in depth approach to supply chain security and have also published an open source sandbox that limits access to the filesystem, network, disk and environment variables.
https://github.com/phylum-dev/birdcage
This is rolled into our CLI so that you can do things like `phylum npm install <pkgName>` and install packages in a sandboxed way.
Happy to answer questions about this attack, security, sandboxes, etc!