An Interest In:
Web News this Week
- April 12, 2024
- April 11, 2024
- April 10, 2024
- April 9, 2024
- April 8, 2024
- April 7, 2024
- April 6, 2024
Some of Our Sources
- Engadget
- Mashable
- Team Treehouse
- You The Designer
- Naldz Graphics
- Spyre Studios
- Web Resource Source
- Android Dissected
- The Verge
- TechPowerUp
Help Webnuz
Referal links:
May 21, 2022 04:34 pm
Original Link: https://developers.slashdot.org/story/22/05/21/0520207/how-a-rust-supply-chain-attack-infected-cloud-ci-pipelines-with-go-malware?utm_source=rss1.0mai
How a Rust Supply-Chain Attack Infected Cloud CI Pipelines with Go Malware
Sentinel Labs provides malware/threat intelligence analysis for the enterprise cybersecurity platform SentinelOne. Thursday they reported on "a supply-chain attack against the Rust development community that we refer to as 'CrateDepression'."On May 10th, 2022, the Rust Security Response Working Group released an advisory announcing the discovery of a malicious crate hosted on the Rust dependency community repository. The malicious dependency checks for environment variables that suggest a singular interest in GitLab Continuous Integration (CI) pipelines. Infected CI pipelines are served a second-stage payload. We have identified these payloads as Go binaries built on the red-teaming framework, Mythic. Given the nature of the victims targeted, this attack would serve as an enabler for subsequent supply-chain attacks at a larger-scale relative to the development pipelines infected. We suspect that the campaign includes the impersonation of a known Rust developer to poison the well with source code that relies on the typosquatted malicious dependency and sets off the infection chain.... In an attempt to fool rust developers, the malicious crate typosquats against the well known rust_decimal package used for fractional financial calculations.... The malicious package was initially spotted by an avid observer and reported to the legitimate rust_decimal github account.... Both [Linux and macOs] variants serve as an all-purpose backdoor, rife with functionality for an attacker to hijack an infected host, persist, log keystrokes, inject further stages, screencapture, or simply remotely administer in a variety of ways.... Software supply-chain attacks have gone from a rare occurrence to a highly desirable approach for attackers to 'fish with dynamite' in an attempt to infect entire user populations at once. In the case of CrateDepression, the targeting interest in cloud software build environments suggests that the attackers could attempt to leverage these infections for larger scale supply-chain attacks.Read more of this story at Slashdot.
Original Link: https://developers.slashdot.org/story/22/05/21/0520207/how-a-rust-supply-chain-attack-infected-cloud-ci-pipelines-with-go-malware?utm_source=rss1.0mai
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot