Introducing Supply-Chain Firewall: Protecting Developers from Malicious Open Source Packages

Teilen:

In continuously monitoring PyPI and npm for open source malware, we observe malicious packages targeting software developers almost every day. Today, we are excited to introduce Supply-Chain Firewall, a new open source project from Datadog Security Labs aimed at defending developers, the primary consumers of the software supply chain, from malicious open-source packages.

The agony and the ecstasy of open source

Software development as we know it today would not be possible without readily available third-party open source packages. In the course of normal business, developers constantly test and tinker with libraries sourced from centralized package repositories like PyPI and npm, always within reach thanks to command-line package managers like pip und npm.

Despite the numerous benefits, using open source packages is not without particular security risks. Open source threat actors routinely publish packages containing embedded, often obfuscated malicious code to PyPI and npm that specifically target software developers, usually in efforts to steal their privileged information like API keys or cryptowallets. Such packages can run malicious code on import or, more often, abuse post-install command hooks provided by pip und npm to compromise developers’ machines at install-time. This year, we have documented significant campaigns from nation-state threat actors targeting developers using these very techniques.

Though prudent, expecting developers to thoroughly audit open source packages before installing and using them is not realistic and would negatively impact the developer experience to an unreasonable degree. The result, however, is that open source software supply-chain security, at least with respect to the developer workstation, falls to the wayside.

Supply-Chain Firewall logo

Enter Supply-Chain Firewall: a Python tool for preventing the installation of malicious and vulnerable PyPI and npm packages. Its primary goal is to protect software engineers’ development workstations from compromise via exactly these sorts of software supply-chain attacks.

In this blog post, we showcase the main features of Supply-Chain Firewall, point the way forward for future development of the tool, and let you know how you can get started using or contributing to it.

A tour of Supply-Chain Firewall

Blocking installations of known-malicious packages

pip oder npm command may be run through Supply-Chain Firewall by simply prepending scfw run to it. The output below shows Supply-Chain Firewall blocking an npm install command for a package that is known to be malicious.

$ scfw run npm install passports-js
Installation target [email protected]:
  - Datadog Security Research has determined that package passports-js is malicious
  - An OSV.dev malicious package disclosure exists for package [email protected]:
      * https://osv.dev/vulnerability/MAL-2024-8868

The installation request was blocked. No changes have been made.

Supply-Chain Firewall works by introspecting pip und npm commands to determine whether any package targets they propose to install or update are known to be malicious or vulnerable. Would-be installation targets are queried against a set of sources of truth for malicious package advisories and open source vulnerabilities.

scfw architecture
Overview of scfw architecture (click to enlarge)

By default, scfw queries two sources:

  • Datadog Security Research’s own public dataset of malicious PyPI and npm packages
  • The public Open Source Vulnerabilities API

Users can also easily extend scfw by adding their own custom analyzers representing alternative data sources.

Aborting installations of vulnerable packages

Though Supply-Chain Firewall automatically blocks installations of known-malicious packages, it presents users with a choice to continue in cases when a package target has findings but is not known to be malicious. This is illustrated in the run of scfw below, this time for a pip install command. Here, the user chose to abort the installation after reviewing more information about the reported advisory.

$ scfw run pip install urllib3==2.2.1
Installation target urllib3-2.2.1:
  - An OSV.dev disclosure exists for package urllib3-2.2.1:
      * https://osv.dev/vulnerability/GHSA-34jh-p97f-mpxf
[?] Proceed with installation? (y/N):
The installation request was aborted. No changes have been made.

Otherwise, if no installation targets present any concerns, scfw gets out of the way and runs the given command:

$ scfw run pip install -r requirements.txt
Collecting prettytable
  Using cached prettytable-3.12.0-py3-none-any.whl (31 kB)
Collecting pynamodb
  Using cached pynamodb-6.0.1-py3-none-any.whl (61 kB)
Collecting wcwidth
  Using cached wcwidth-0.2.13-py2.py3-none-any.whl (34 kB)
Collecting botocore>=1.12.54
  Using cached botocore-1.35.71-py3-none-any.whl (13.0 MB)
Collecting typing-extensions>=4
  Using cached typing_extensions-4.12.2-py3-none-any.whl (37 kB)
Collecting jmespath<2.0.0,>=0.7.1
  Using cached jmespath-1.0.1-py3-none-any.whl (20 kB)
Collecting urllib3!=2.2.0,<3,>=1.25.4
  Using cached urllib3-2.2.3-py3-none-any.whl (126 kB)
Collecting python-dateutil<3.0.0,>=2.1
  Using cached python_dateutil-2.9.0.post0-py2.py3-none-any.whl (229 kB)
Collecting six>=1.5
  Using cached six-1.16.0-py2.py3-none-any.whl (11 kB)
Installing collected packages: wcwidth, urllib3, typing-extensions, six, prettytable, jmespath, python-dateutil, botocore, pynamodb
Successfully installed botocore-1.35.71 jmespath-1.0.1 prettytable-3.12.0 pynamodb-6.0.1 python-dateutil-2.9.0.post0 six-1.16.0 typing-extensions-4.12.2 urllib3-2.2.3 wcwidth-0.2.13

Open source observability via Supply-Chain Firewall

This illustrates the basic value proposition of Supply-Chain Firewall as an ad-hoc, install-time filter for open source packages. However, with a bit of very simple additional configuration, you can unlock the true potential of scfw as:

  • An always-on protection for software developers
  • A source of crucial telemetry data for system administrators about which packages are installed across their fleet of developer laptops

You can accomplish the first goal by adding shell aliases to, for example, your .bashrc file so that pip und npm expand respectively to scfw run pip und scfw run npm. With a Datadog API key, you can achieve the second goal by making use of Supply-Chain Firewall’s native support for Datadog Log Management. As illustrated in the following output, the scfw configure subcommand is ready to walk you through configuring your environment to get the most out of Supply-Chain Firewall.

$ scfw configure
Thank you for using scfw, the Supply-Chain Firewall by Datadog!

scfw is a tool for preventing the installation of malicious PyPI and npm packages.

This script will walk you through setting up your environment to get the most out
of scfw. You can rerun this script at any time.

[?] Would you like to set a shell alias to run all pip commands through the firewall? (Y/n):
[?] Would you like to set a shell alias to run all npm commands through the firewall? (Y/n):
[?] Would you like to enable sending firewall logs to Datadog? (y/N): y

[?] Enter a Datadog API key: MyDatadogAPIKey
[?] Select the desired log level for Datadog logging:
   BLOCK
   ABORT
 > ALLOW

After using scfw configure to set things up just right, malicious packages are automatically kept out of your system without a second thought:

$ npm install bcrypts-js
Installation target [email protected]:
  - Datadog Security Research has determined that package bcrypts-js is malicious
  - An OSV.dev malicious package disclosure exists for package [email protected]:
      * https://osv.dev/vulnerability/MAL-2024-8862

The installation request was blocked. No changes have been made.

And if you have opted into the Log Management integration, all logs for blocked, aborted or allowed installations are visible in Datadog:

Blocked install log
Log of a blocked `npm install` command forwarded to Datadog (click to enlarge)

What’s next

In the weeks following this initial release, we are eager to see how people use Supply-Chain Firewall and hear what works well and what needs further refinement. This feedback will be extremely valuable to us as we plan for future development. You can share issues and suggestions via the project’s GitHub repository.

One star we are already sailing by: extending scfw to support other popular package manager commands for these ecosystems, especially pnpm und yarn for npm as well as poetry for PyPI. Keep an eye on the repo for updates.

Check out Supply-Chain Firewall

Supply-Chain Firewall is available for download via PyPI (pip install scfw) and GitHub. Try it out and let us know your thoughts at [email protected]. We also welcome community feedback and contributions: get involved on GitHub.

Quelle

Kommentar verfassen

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert

lade-bild
London, GB
8:46 am, Jan. 18, 2025
Wetter-Symbol 2°C
L: 1° | H: 3°
overcast clouds
Luftfeuchtigkeit: 89 %
Druck: 1031 mb
Wind: 5 mph E
Windböe: 0 mph
UV-Index: 0
Niederschlag: 0 mm
Wolken: 100%
Regen Chance: 0%
Sichtbarkeit: 7 km
Sonnenaufgang: 7:56 am
Sonnenuntergang: 4:24 pm
TäglichStündlich
Tägliche VorhersageStündliche Vorhersage
Today 9:00 pm
Wetter-Symbol
1° | 3°°C 0 mm 0% 4 mph 90 % 1031 mb 0 mm/h
Tomorrow 9:00 pm
Wetter-Symbol
1° | 5°°C 0 mm 0% 7 mph 93 % 1024 mb 0 mm/h
Mo. Jan. 20 9:00 pm
Wetter-Symbol
3° | 8°°C 0.26 mm 26% 6 mph 97 % 1019 mb 0 mm/h
Di. Jan. 21 9:00 pm
Wetter-Symbol
4° | 8°°C 0 mm 0% 8 mph 95 % 1019 mb 0 mm/h
Mi. Jan. 22 9:00 pm
Wetter-Symbol
4° | 7°°C 1 mm 100% 4 mph 99 % 1012 mb 0 mm/h
Today 9:00 am
Wetter-Symbol
2° | 2°°C 0 mm 0% 2 mph 89 % 1031 mb 0 mm/h
Today 12:00 pm
Wetter-Symbol
3° | 5°°C 0 mm 0% 3 mph 83 % 1031 mb 0 mm/h
Today 3:00 pm
Wetter-Symbol
4° | 6°°C 0 mm 0% 3 mph 75 % 1028 mb 0 mm/h
Today 6:00 pm
Wetter-Symbol
3° | 3°°C 0 mm 0% 4 mph 88 % 1026 mb 0 mm/h
Today 9:00 pm
Wetter-Symbol
2° | 2°°C 0 mm 0% 3 mph 90 % 1025 mb 0 mm/h
Tomorrow 12:00 am
Wetter-Symbol
2° | 2°°C 0 mm 0% 3 mph 89 % 1024 mb 0 mm/h
Tomorrow 3:00 am
Wetter-Symbol
1° | 1°°C 0 mm 0% 3 mph 91 % 1022 mb 0 mm/h
Tomorrow 6:00 am
Wetter-Symbol
1° | 1°°C 0 mm 0% 3 mph 93 % 1021 mb 0 mm/h
Name Preis24H (%)
Bitcoin(BTC)
€100,326.42
0.93%
Ethereum(ETH)
€3,193.60
-3.42%
XRP(XRP)
€3.04
-4.48%
Fesseln(USDT)
€0.97
-0.02%
Solana(SOL)
€231.29
10.47%
Dogecoin(DOGE)
€0.387292
-3.87%
USDC(USDC)
€0.97
0.00%
Shiba Inu(SHIB)
€0.000022
-6.11%
Pepe(PEPE)
€0.000019
-4.00%
Peanut das Eichhörnchen(PNUT)
€0.52
-15.32%
Nach oben scrollen