Typosquatting programming language package managers
- Added on 2023-08-13
- Page: http://incolumitas.com/2016/06/08/typosquatting-package-managers/
- See on Internet Archive
- #security #unicode
In this blog post, it is demonstrated:
- how 17000 computers were forced to execute arbitrary code by typosquatting programming language packages/libraries
- that 50% of these installations were conducted with administrative rights
- that even highly security-aware institutions (.gov and .mil hosts) fell victim to this attack
- how a typosquatting attack becomes wormable by mining the command history data of hosts
- what some good defenses against typosquatting of package managers might look like

The complete thesis can be downloaded as a PDF. In the second half of 2015 and the early months of 2016, I worked on my bachelor's thesis. In this thesis, I tried to attack programming language package managers such as Python's PyPI, NodeJS's npmjs.com and Ruby's rubygems.org. The attack does not exploit a new technical vulnerability; rather, it tries to trick people into installing packages that they did not intend to run on their systems.

DNS Typosquatting
In the domain name system, typosquatting is a well-known problem. Typosquatting is the malicious registering of a domain that is lexically similar to another, often highly …