CyberSecurity SEE

Revival Hijack: How Malware on PyPI Disguises Itself as Legitimate Files

Security researchers have identified a weakness in how PyPI handles package names that could let attackers distribute malicious payloads with very little effort. The technique, dubbed “Revival Hijack,” re-registers a malicious package under the same name as a legitimate package that was previously removed from the repository. Attackers then wait for unsuspecting organizations to install the rogue package, exploiting the fact that PyPI places no restriction on reusing the name of a removed project.

According to a report by JFrog, the method poses a significant supply chain threat because it can be used to target specific organizations and push malicious code into many environments at once. PyPI users are advised to remain vigilant and to check that their CI/CD machines are not attempting to install packages that have since been removed from the repository. Threat actors have recently been observed using the Revival Hijack tactic in an attempt to distribute malware through PyPI.

This attack method is just one of many that adversaries use to smuggle malware into enterprise environments through public code repositories such as PyPI, npm, Maven Central, NuGet, and RubyGems. Other common tactics include cloning and infecting popular repositories, poisoning build artifacts, and exploiting leaked secrets such as private keys and database credentials.

Threat actors have also turned to typosquatting, in which developers are tricked into installing malicious packages whose names differ from a legitimate package by a typing error or a slight variation. Despite efforts by organizations and registry maintainers to defend against these attacks, typosquatting incidents persist.

What sets Revival Hijack apart is that it does not rely on the victim making a mistake, as typosquatting does. Many users treat updating a package that was previously safe to its latest version as a routine, trusted operation, which makes it far easier for attackers to get a malicious payload installed.

When a developer removes a project from PyPI, its package name immediately becomes available for anyone else to register. This lets an attacker take over the name and infect users who simply try to update to the latest version of the original package. JFrog's researchers demonstrated the issue by creating and then removing an empty project on PyPI, after which they were able to re-register a package under the same name; an attacker doing the same could publish code that users would download believing it to be the original project.

JFrog’s research found roughly 120,000 removed packages on PyPI whose names attackers could take over to distribute malware. To keep adversaries from misusing the most popular of these abandoned names, the researchers re-registered them themselves and replaced them with empty packages. Those empty placeholders still received nearly 200,000 downloads over a three-month period, which shows how many users and build systems continue to pull removed package names and how real the threat posed by Revival Hijack is.

To mitigate the threat, JFrog recommended that PyPI prohibit the reuse of abandoned package names entirely. Organizations using PyPI should also be cautious when upgrading to new package versions so they do not inadvertently install malicious code. The security vendor emphasized the urgent need for stronger security measures against Revival Hijack and similar attack vectors targeting public code repositories.
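As an added illustration, not code from the JFrog report or from PyPI, the following hypothetical Python checker compares a hash-pinned lockfile against a snapshot of index metadata laid out in the shape of PyPI's JSON API (`/pypi/<name>/json`) and flags the discontinuities a Revival Hijack leaves behind: the name no longer resolves at all, the pinned release has vanished and every upload now on the index postdates the lock, or the pinned version is still there but with a different artifact hash. The package names, hashes, and timestamps are constructed for the example.

```python
"""Detect dependencies whose PyPI name may have been revived under a new owner.

Hypothetical checker (not JFrog's tooling, not part of pip). It compares what a
lockfile pinned at the last known-good build against what the index reports
now, using the `releases` layout of PyPI's JSON API, and reports the footprints
a re-registered project leaves behind.
"""
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional


@dataclass(frozen=True)
class Pin:
    """One dependency as recorded in a hash-pinned lockfile."""
    name: str
    version: str
    sha256: str
    locked_at: datetime  # when this pin was last verified against a trusted build


def _ts(s: str) -> datetime:
    # PyPI's JSON API emits timestamps such as "2024-05-01T12:00:00.000000Z".
    return datetime.fromisoformat(s.replace("Z", "+00:00"))


def assess(pin: Pin, index_doc: Optional[dict]) -> str:
    """Return a verdict for one pinned dependency against an index document."""
    if index_doc is None:
        # The name resolves to nothing: the project was removed and the name is
        # free for anyone to register.
        return "name-removed"
    releases = index_doc.get("releases", {})
    files = releases.get(pin.version, [])
    if files:
        if any(f["digests"]["sha256"] == pin.sha256 for f in files):
            return "ok"
        # Same version string, different artifact. PyPI itself generally refuses
        # a filename it has already seen, so this mostly shows up on mirrors or
        # private indexes that do not enforce that rule.
        return "hash-mismatch"
    uploads = [_ts(f["upload_time_iso_8601"]) for fs in releases.values() for f in fs]
    if uploads and min(uploads) > pin.locked_at:
        # Nothing on the index predates our lock: the whole release history was
        # created after the original project disappeared, so an unpinned
        # "pip install -U" would jump straight to the new owner's code.
        return "revived-after-lock"
    # The pinned release is gone but older history survives (e.g. a maintainer
    # deleted one release); still worth a look, but not the hijack pattern.
    return "pinned-version-missing"


def audit(pins, snapshot):
    """Return sorted (name, verdict) pairs for every pin that is not 'ok'."""
    findings = [(p.name, assess(p, snapshot.get(p.name))) for p in pins]
    return sorted((n, v) for n, v in findings if v != "ok")


def requirement_line(pin: Pin) -> str:
    """Render the pin in the form `pip install --require-hashes` accepts."""
    return f"{pin.name}=={pin.version} --hash=sha256:{pin.sha256}"


# ---- constructed sample data (hypothetical package names and digests) --------
LOCKED = datetime(2024, 5, 1, tzinfo=timezone.utc)


def _file(sha256: str, when: str) -> dict:
    return {"digests": {"sha256": sha256}, "upload_time_iso_8601": when}


PINS = [
    Pin("example-widgets", "2.4.1", "a" * 64, LOCKED),  # healthy project, newer release exists
    Pin("example-metrics", "1.2.0", "b" * 64, LOCKED),  # removed, then re-registered as 1.2.1
    Pin("example-legacy", "0.9.0", "c" * 64, LOCKED),   # removed, name currently unclaimed
    Pin("example-mirror", "3.0.0", "d" * 64, LOCKED),   # same version, different artifact
]

INDEX_SNAPSHOT = {
    "example-widgets": {"releases": {
        "2.4.1": [_file("a" * 64, "2024-03-10T09:00:00.000000Z")],
        "2.5.0": [_file("e" * 64, "2024-08-02T09:00:00.000000Z")],
    }},
    "example-metrics": {"releases": {
        "1.2.1": [_file("f" * 64, "2024-07-15T09:00:00.000000Z")],
    }},
    "example-legacy": None,
    "example-mirror": {"releases": {
        "3.0.0": [_file("9" * 64, "2024-02-01T09:00:00.000000Z")],
    }},
}

if __name__ == "__main__":
    for name, verdict in audit(PINS, INDEX_SNAPSHOT):
        print(f"{name}: {verdict}")
```

Against live data, each index document would come from `https://pypi.org/pypi/<name>/json`; the check is deliberately offline here. The lines produced by `requirement_line` are what `pip install --require-hashes -r requirements.txt` consumes, so a re-registered project that only offers a newer version, or an artifact whose hash changed, makes the install fail rather than silently succeed.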
