A leaked GitHub access token with administrator access to the centralized PyPI repository and the Python Software Foundation’s GitHub repository could have had disastrous consequences if not rapidly revoked.
Researchers at JFrog revealed the leaked token could have been used in a variety of different supply chain attacks, adding that the potential damage a cyber criminal could have inflicted would have been severe.
JFrog’s secret scanning engine found the authentication token in a compiled Python file inside a Docker container.
Speaking to ITPro, Brian Moussalli, malware research team leader at JFrog, noted this is something of a novel development and he had not seen access tokens leaked in this manner before.
“I’m not aware of any similar cases where tokens with such high privileges were leaked on a public repository,” he said. “I think there were cases where tokens were leaked as part of distributed software, but in this case it was some sort of accident that happened due to the developer or PyPI admin developing some sort of internal tool for the deployment of PyPI servers and they uploaded it to Docker Hub for some reason.”
“What happened is that they used the token in the source code and they ran it, and then when they uploaded it to Docker Hub they thought they had removed all traces to the sensitive token but, in fact, it was found in a binary file, which is produced after executing the actual code. So I don’t remember any such case where a leak happened as some byproduct of someone’s internal work.”
David Sancho, senior threat researcher at Trend Micro, added that the software supply chain has seen a number of attacks leveraging malicious software updates to install malware on millions of devices, such as the NotPetya or SolarWinds attacks.
However, the overall popularity of this attack is limited by its complexity.
“This attack vector is not something we’re seeing commonly pursued because it’s very difficult to pull off, but it’s certainly very interesting to would-be attackers and on their radar as an appealing route to compromise organizations.”
Leaked GitHub access token provided “endless” opportunities for attackers
The report underlined how serious this incident could have been if successfully exploited by hackers.
“Due to the popularity of Python, inserting malicious code that would eventually end up in Python’s distributables could mean spreading your backdoor to tens of millions of machines worldwide!”
JFrog highlighted one potential attack path involving hiding malicious code in CPython, the repository containing many of the basic libraries at the core of the Python programming language, compiled from C code.
This malicious insertion could then be packed and distributed in various forms to official Python binaries, upstream for Linux distribution packages such as Ubuntu or Alpine, or to people developers from source code tarballs.
In another example, JFrog raised another potential attack vector where hackers insert malicious code into PyPI’s Warehouse code, which underpins the PyPI package manager.
“Imagine an attacker inserting code that grants them a backdoor to PyPI’s storage, allowing them to manipulate very popular PyPI packages, hiding malicious code inside them, or replacing them altogether. Although this is not the most sophisticated way to carry out an attack that would remain undetected for a long time, it’s certainly a scary scenario.”
Moussalli concluded the token would have presented hackers with numerous opportunities to perpetrate further cyber attacks.
“If someone were to put a backdoor on PyPI, the possibilities are endless in terms of distributing malicious packages. I could have replaced all the popular packages on PyPI with a malicious package with some sort of backdoor or Trojan or whatever,” he added.
So one direction could be the Python language itself, and the other would be the Python packages index where I could have attacked any given package.”
PyPI’s quick response “crucial” to prevent disaster
JFrog commended PyPI for the urgency with which it addressed the issue, taking just 17 minutes to revoke the token after JFrog reached out to them.
It noted that the organization conducted a “thorough check” and found there was no suspicious activity using the token in question.
Moussalli described the importance of responding to incidents of this scale in a timely manner.
“I think there’s no other word to describe it other than crucial. It’s crucial that they would be quick to respond and assess whether or not they have been impacted and if anyone tried or succeeded in using this token, auditing, going over logs to see if it was used and if some perpetrator was able to take advantage of this leak.”
