Malware Activity
Malicious “Fabrice” PyPI Package with 37,000 Downloads Steals AWS Keys
A malicious Python package named “fabrice” has been discovered by security researchers in the Python Package Index (PyPI). Fabrice has been available for download since 2021 and is likely a typosquat of the very popular and legitimate SSH remote server management package “fabric”. It is possible that fabrice was not flagged by the community earlier because advanced scanning tools were available only after its initial submission to PyPI. The malicious package had been downloaded over 37,000 times, and contains code scripted to steal AWS credentials using boto3, the official Python SDK for AWS. Once a boto3 session is initialized, the malicious package collects the AWS credentials associated with the session and exfiltrates the data to a VPN server. Fabrice can operate on both Windows and Linux systems. On Linux systems, it sets up a hidden directory at ‘~/.local/bin/vscode’ to store encoded shell scripts that are responsible for executing commands. On Windows, fabrice downloads a VBScript that launches a Python script (d.py) that drops a malicious executable (‘chrome.exe’) into a user’s Downloads folder. The executable schedules a Windows task to execute every fifteen (15) minutes, maintaining persistence across reboots. CTIX analysts recommend that individuals and organizations check their systems to ensure the package has not been downloaded. CTIX analysts also recommend that organizations employ AWS Identity and Access Management to limit how AWS resources can be used. CTIX analysts will continue to report on new and emerging forms of malware and associated campaigns.
Threat Actor Activity
Scattered Spider and BlackCat/ALPHV Showcase the Difficulties in Cybercrime Disruption
Scattered Spider and BlackCat/ALPHV, notorious for major cyber heists, have resurfaced with new intrusions and possible rebranding over the last few months. Despite arrests of key members in January and June of this year, Scattered Spider, part of a larger cybercriminal community known as "The Com," continues to target organizations using social engineering, as seen in a recent attack on a manufacturing firm earlier in October 2024. This attack involved help desk manipulation, rapid system encryption, and a ransom demand via Microsoft Teams. The group has also switched to using RansomHub malware, diverging from previous affiliations with BlackCat/ALPHV, and is employing new tactics like advanced defensive evasion and novel Microsoft Teams methods. The resurgence highlights the decentralized nature of these cybercriminal groups, making law enforcement disruptions challenging. Scattered Spider's operations focus on credential theft and system infiltration through legitimate means, emphasizing the need for stringent help desk policies and technical controls. Meanwhile, BlackCat's dark web presence was dismantled by an FBI operation in December 2023, but its affiliates have been linked to Cicada3301 ransomware, sharing significant similarities in attack techniques including ransomware written in Rust. Cicada3301 has targeted companies in the US and UK, using tactics akin to BlackCat, such as inhibiting system recovery and embedding PsExec executables. The reemergence of these groups underscores the persistent threat posed by ransomware operators, facilitated by cryptocurrency's anonymity and geopolitical factors. CTIX analysts urge companies to enhance their cybersecurity posture by investing in robust email filtering, user training, endpoint security, and network monitoring.
Vulnerabilities
Critical Vulnerabilities Found in Open-Source Machine Learning Projects
Cybersecurity researchers have identified nearly two dozen security vulnerabilities across fifteen (15) machine learning (ML) open-source projects, posing significant risks to organizations. According to JFrog, these flaws affect both server- and client-side components, allowing attackers to compromise critical systems like ML model registries, databases, and pipelines. Notable vulnerabilities include directory traversal in Weave, tracked as CVE-2024-7340, enabling privilege escalation, a command injection vulnerability in Deep Lake, tracked as CVE-2024-6507, and a privilege mismanagement in Mage AI, tracked as CVE-2024-45187. Some issues, such as improper access control in ZenML, lack CVE identifiers but remain just as severe. Exploiting these flaws could enable ML model backdooring, data poisoning, and unauthorized system access. This disclosure follows JFrog's earlier report on more than twenty (20) vulnerabilities in MLOps platforms and introducing Mantis, a defensive framework leveraging prompt injection to neutralize attacks on large language models (LLMs) with over 95% effectiveness. Mantis uses decoy services and dynamic prompt injections to autonomously disrupt or hack back attackers, highlighting the escalating cyber threats to ML systems. Administrators responsible for maintaining these projects should read the full report for more information and be on the lookout for patches.
The semi-weekly Ankura Cyber Threat Investigations and Expert Services (CTIX) FLASH Update is designed to provide timely and relevant cyber intelligence about current or emerging cyber events. The preceding is a collection of cyber threat intelligence leads assembled over the past few days and typically includes high-level intelligence about recent threat group/actor activity and newly identified vulnerabilities impacting a wide range of industries and victims. Please feel free to contact the CTIX Team (ctix@ankura.com) if you need more context.
© Copyright 2024. The views expressed herein are those of the author(s) and not necessarily the views of Ankura Consulting Group, LLC., its management, its subsidiaries, its affiliates, or its other professionals. Ankura is not a law firm and cannot provide legal advice