Brother
Why is it so easy to hack services like NuGet, PyPI, and RubyGems, and what is the main mistake vendors make?
According to experts from ReversingLabs, last year hackers were particularly active in breaking into such popular online software development platforms as NuGet, PyPI, npm and RubyGems.
Analysts examined these resources and concluded that the attackers' main targets were credentials, API tokens, and encryption keys. In just a year, almost 40,000 leaked records were discovered. Most of them were on the npm platform for JavaScript.
Half of the hacked accounts were used for illegal access to Google services. Almost every tenth was used for attacks on the Amazon AWS cloud service.
As noted in ReversingLabs, it is third-party software vendors that are increasingly being attacked. This is due to the fact that hacking them becomes easier thanks to more affordable high-tech equipment and ready-made automated phishing tools.
Cyberattacks on software supply chains are now being carried out not only by state-linked hackers, but also by amateur cybercriminals, who are disparagingly referred to as "script kiddies" in the industry.
The situation is aggravated by the carelessness of some companies that are potential victims. Despite high-profile hacks in the past year, including the Cl0p hacker attack on the MOVEit service, many still underestimate the threat.
ReversingLabs calls on companies to abandon "blind trust" in software vendors. Instead, they are advised to use tools to check the source code and compiled programs for malicious activity.
According to experts' forecasts, attacks on vulnerable links in software supply chains will only increase in the near future.
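The post says the leaked material was mostly credentials, API tokens and keys, and that the recommended fix is to check packages rather than trust the vendor. The script below is an added example of what such a pre-install check can look like; it is not code from the post or from ReversingLabs. It unpacks an npm-style .tgz, flags strings that match well-known credential formats (AWS access key IDs, Google API keys, GitHub and npm tokens, PEM private-key headers), and also reports any install-time scripts in package.json, since those run automatically during `npm install` and are the usual vehicle for malicious packages. The pattern list is an illustrative subset, the function names are mine, and the package it scans is a constructed sample built on the fly, not a real published package.

```python
"""Pre-install scanner for package archives: flags leaked secrets and
install-time hooks before a dependency is trusted.  Added example; the
patterns and the sample package are assumptions, not ReversingLabs tooling."""
import io
import json
import os
import re
import tarfile
import tempfile

# Credential formats that commonly leak into published packages.  Each prefix
# is the one documented by its issuer; the list is an illustrative subset.
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "google_api_key": re.compile(r"\bAIza[0-9A-Za-z_-]{35}\b"),
    "github_token": re.compile(r"\bghp_[0-9A-Za-z]{36}\b"),
    "npm_token": re.compile(r"\bnpm_[0-9A-Za-z]{36}\b"),
    "private_key_block": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
}
# npm runs these lifecycle scripts automatically during `npm install`.
INSTALL_HOOKS = ("preinstall", "install", "postinstall", "prepare")
# Only text-like members are scanned; binaries and very large files are skipped.
TEXT_EXTENSIONS = (".js", ".json", ".ts", ".md", ".env", ".yml", ".yaml", ".txt", ".pem", "")


def redact(secret):
    """Keep enough of a match to triage it without copying the secret into logs."""
    return secret[:8] + "..."


def scan_tarball(path):
    """Return findings ({'file', 'kind', 'match'}) for an npm-style .tgz archive."""
    findings = []
    with tarfile.open(path, "r:gz") as tar:
        for member in tar.getmembers():
            if not member.isfile():
                continue
            ext = os.path.splitext(member.name)[1].lower()
            if ext not in TEXT_EXTENSIONS or member.size > 2_000_000:
                continue
            data = tar.extractfile(member).read().decode("utf-8", errors="replace")
            for kind, pattern in SECRET_PATTERNS.items():
                for m in pattern.finditer(data):
                    findings.append({"file": member.name, "kind": kind, "match": redact(m.group(0))})
            if os.path.basename(member.name) == "package.json":
                try:
                    scripts = json.loads(data).get("scripts", {})
                except ValueError:
                    scripts = {}
                for hook in INSTALL_HOOKS:
                    if hook in scripts:
                        findings.append({"file": member.name, "kind": "install_hook:" + hook,
                                         "match": scripts[hook]})
    return findings


def build_sample_tarball(path):
    """Constructed sample package (not a real published one) containing a
    leaked AWS key (AWS's documented example ID), a PEM block and a postinstall hook."""
    files = {
        "package/package.json": json.dumps({
            "name": "example-widget", "version": "1.0.0",
            "scripts": {"postinstall": "node scripts/setup.js"},
        }),
        "package/config.js": 'module.exports = { awsKey: "AKIAIOSFODNN7EXAMPLE" };\n',
        "package/deploy.pem": "-----BEGIN RSA PRIVATE KEY-----\nMIIE...\n-----END RSA PRIVATE KEY-----\n",
        "package/index.js": "module.exports = () => 'hello';\n",
    }
    with tarfile.open(path, "w:gz") as tar:
        for name, content in files.items():
            raw = content.encode()
            info = tarfile.TarInfo(name)
            info.size = len(raw)
            tar.addfile(info, io.BytesIO(raw))


def demo():
    """Build the constructed sample in a temp dir and scan it; returns the findings."""
    path = os.path.join(tempfile.mkdtemp(), "example-widget-1.0.0.tgz")
    build_sample_tarball(path)
    return scan_tarball(path)


if __name__ == "__main__":
    for f in demo():
        print(f"{f['kind']:26} {f['file']:22} {f['match']}")
```

In practice the same scan is run over the exact artifact that will be installed (for example the output of `npm pack` or the wheel downloaded from the index), not over the vendor's source repository, because the two can differ; a hit on a credential pattern is a reason to rotate the key and notify the maintainer, and a new install hook is a reason to read it before upgrading.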