Microsoft warns enterprises of new 'dependency confusion' attack technique

New "dependency confusion" technique, also known as a "substitution attack," allows threat actors to sneak malicious code inside private code repositories by registering internal library names on public package indexes.
Written by Catalin Cimpanu, Contributor
Image: Alex Birsan

Microsoft has published a white paper on Tuesday about a new type of attack technique called a "dependency confusion" or a "substitution attack" that can be used to poison the app-building process inside corporate environments.

The technique revolves around concepts like package managers, public and private package repositories, and build processes.

Today, developers at small or large companies use package managers to download and import libraries that are then assembled together using build tools to create a final app.

This app can be offered to the company's customers or can be used internally at the company as an employee tool.

But some of these apps can also contain proprietary or highly-sensitive code, depending on their nature. For these apps, companies will often use private libraries that they store inside a private (internal) package repository, hosted inside the company's own network.

When apps are built, the company's developers will mix these private libraries with public libraries downloaded from public package portals like npm, PyPI, NuGet, or others.

New "dependency confusion" attack

In research published on Tuesday, a team of security researchers has detailed a new concept called "dependency confusion" that attacks these mixed app-building environments inside large corporations.

Researchers showed that if an attacker learns the names of private libraries used inside a company's app-building process, they could register these names on public package repositories and upload public libraries that contain malicious code.

The "dependency confusion" attack takes place when developers build their apps inside enterprise environments, and their package manager prioritizes the (malicious) library hosted on the public repository instead of the internal library with the same name.

The research team said they put this discovery to the test by searching for situations where big tech firms accidentally leaked the names of various internal libraries and then registered those same libraries on package repositories like npm, RubyGems, and PyPI.

Using this method, researchers said they successfully loaded their (non-malicious) code inside apps used by 35 major tech firms, including the likes of Apple, Microsoft, PayPal, Shopify, Netflix, Yelp, Uber, and others.

But besides npm, RubyGems, and PyPI, other package managers are also vulnerable, researchers said, including the likes of JFrog and NuGet.

Microsoft urges companies to analyze internal package repos

While the research team said it notified all the affected companies and package repositories, Microsoft appears to have understood the severity of this issue more than the others.

After the research team's work went public on Tuesday, the OS maker, which also runs the NuGet package manager for .NET developers, has published a white paper detailing the dependency confusion technique, which Microsoft calls "substitution attack."

The white paper warns companies about hybrid package manager configurations, where both public and private library sources are used, but also details a series of mitigations that companies can apply to avoid dependency confusions within their build environments.

Among some of the listed recommendations there are:

  • Reference one private feed, not multiple
  • Protect your private packages using controlled scopes on public package repositories
  • Utilize client-side verification features, such as version pinning and integrity verification

More inside the white paper.

Editorial standards