Home Hacks Revival Hijacking: Exploiting PyPI Packages in the Wild

Revival Hijacking: Exploiting PyPI Packages in the Wild

0
Revival Hijacking: Exploiting PyPI Packages in the Wild

The “Revival Hijack” technique exploits a vulnerability in PyPI’s package removal process. When a popular package is deleted, its name becomes immediately available for registration by others. 

Malicious actors can hijack the name of such a package and replace it with a malicious version, which can lead to security breaches when unsuspecting users update or reinstall the package. The technique is particularly effective because it doesn’t rely on user error and can easily bypass existing safeguards. 

The analysis found that thousands of popular PyPI packages are susceptible to this attack, highlighting the urgent need for improved security measures to prevent such malicious activities.

Illustration of the “Revival Hijack” PyPI attack

To safeguard the PyPI community from package hijacking, a dedicated account was created, “security_holding,” inspired by NPM’s approach, which was used to reserve the most popular abandoned packages by replacing them with empty packages. 

It prevented malicious actors from exploiting these packages and introducing harmful code. By utilizing version 0.0.0.1, it was ensured that empty replacements wouldn’t be inadvertently downloaded by users with outdated package installations.

One of the abandoned packages

The “Revival Hijack” threat is significant, as demonstrated by the high download counts of “safely hijacked” PyPI packages, which is due to outdated jobs and scripts referencing deleted packages and typosquatting by users. 

It is even more severe than initially anticipated, as it can potentially affect a much wider range of users through a pip update. The popularity of the hijacked packages’ dependencies further amplifies the potential impact of a supply chain attack.

Some GitHub repositories that depend on the “gingerit” PyPI package

PyPI employs several measures to prevent package hijacking, including blocking packages with identical or similar names to existing ones, as well as those on a blacklist. The similarity check involves replacing certain characters with numbers and removing punctuation to detect typosquatting. 

While these measures help mitigate the risk of malicious packages, they are not exhaustive. For example, a more comprehensive blacklist could effectively prevent the Revival Hijack attack by automatically adding removed project names.

Attackers exploited the “Revival Hijack” technique by taking over the abandoned “pingdomv3” package on PyPI. The original package (a Python implementation of Pingdom API) was last updated in April 2020. 

Pingdomv3 attack timeline

In March 2024, a new owner (Jinnis) registered the name and released seemingly benign updates. However, a later update included a Base64-encoded malicious payload detected by automated scanning systems. The researchers at JFrog reported the malware to PyPI, and all versions of the hijacked package were removed.  

Attackers used a Python malware payload that dynamically executes a decoded Base64 string by targeting Jenkins continuous integration environments by checking for the presence of the JENKINS_URL environment variable. 

The attackers then made an HTTP GET request to a malicious server to retrieve Python code, which was then executed using the exec function by leveraging the ability to hijack removed packages on PyPI. 

Also Read:

NO COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here