Using Legitimate GitHub URLs for Malware

Interesting social-engineering attack vector:

McAfee released a report on a new LUA malware loader distributed through what appeared to be a legitimate Microsoft GitHub repository for the “C++ Library Manager for Windows, Linux, and MacOS,” known as vcpkg.

The attacker is exploiting a property of GitHub: comments to a particular repo can contain files, and those files will be associated with the project in the URL.

What this means is that someone can upload malware and “attach” it to a legitimate and trusted project.

As the file’s URL contains the name of the repository the comment was created in, and as almost every software company uses GitHub, this flaw can allow threat actors to develop extraordinarily crafty and trustworthy lures.

For example, a threat actor could upload a malware executable in NVIDIA’s driver installer repo that pretends to be a new driver fixing issues in a popular game. Or a threat actor could upload a file in a comment to the Google Chromium source code and pretend it’s a new test version of the web browser.

These URLs would also appear to belong to the company’s repositories, making them far more trustworthy.
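The trust problem the post describes is that the repository name in the URL tells you nothing about who uploaded the file. One defensive response is to classify GitHub download links by where the file actually lives before letting users (or a fetch script) trust them. The code below is an added example, not code from the post, McAfee or GitHub; the URL path shapes it matches (release assets under `/releases/download/`, repository files under `/blob/` or `/raw/`, comment attachments under `/files/` or `/assets/` and under `/user-attachments/`) are assumptions drawn from commonly observed GitHub URL formats, and the sample URLs, owners, repos and ids are constructed.

```python
"""Tell GitHub comment attachments apart from files the maintainers publish.

Added example, not code from the post, McAfee or GitHub. The path shapes
matched below are assumptions drawn from commonly observed GitHub URL
formats; the post itself only says the repository name appears in the URL.
"""
import re
from urllib.parse import urlparse

_GITHUB_HOSTS = {"github.com", "www.github.com"}

# (kind, path pattern, is this path controlled by people with write access?)
_PATTERNS = [
    # Release assets are uploaded by someone with write access to the repo.
    ("release-asset",
     re.compile(r"^/(?P<owner>[^/]+)/(?P<repo>[^/]+)/releases/download/"), True),
    # Files inside the repository's git history.
    ("source-file",
     re.compile(r"^/(?P<owner>[^/]+)/(?P<repo>[^/]+)/(?:blob|raw|tree)/"), True),
    # Comment attachments: anyone with an account can create one, and the
    # repo name in the path says nothing about who uploaded the file.
    ("comment-attachment",
     re.compile(r"^/(?P<owner>[^/]+)/(?P<repo>[^/]+)/(?:files|assets)/\d+/"), False),
    # Newer attachment form that does not carry a repo name at all.
    ("comment-attachment",
     re.compile(r"^/user-attachments/(?:files|assets)/"), False),
]


def classify(url: str) -> dict:
    """Return where the file lives and whether maintainers control that path."""
    parsed = urlparse(url)
    host = (parsed.hostname or "").lower()  # hostname drops any user@ and :port
    result = {"url": url, "host": host, "kind": "unknown",
              "owner": None, "repo": None, "maintainer_controlled": False}
    if host not in _GITHUB_HOSTS:
        result["kind"] = "off-github"
        return result
    for kind, pattern, controlled in _PATTERNS:
        match = pattern.match(parsed.path)
        if match:
            groups = match.groupdict()  # empty for the /user-attachments/ form
            result.update(kind=kind, owner=groups.get("owner"),
                          repo=groups.get("repo"), maintainer_controlled=controlled)
            return result
    return result


def download_policy(url: str, trusted_repos: set) -> str:
    """'allow' maintainer-published paths in trusted repos; a comment
    attachment gets 'review' even when it names a trusted repo."""
    info = classify(url)
    if info["kind"] == "comment-attachment":
        return "review"  # trusted-looking name, untrusted uploader
    if info["maintainer_controlled"] and f'{info["owner"]}/{info["repo"]}' in trusted_repos:
        return "allow"
    return "deny"


# Constructed sample URLs; owners, repos and numeric ids are made up.
SAMPLES = [
    "https://github.com/example-org/example-repo/releases/download/v1.2/tool.tar.gz",
    "https://github.com/example-org/example-repo/blob/main/README.md",
    "https://github.com/example-org/example-repo/files/1234567/driver-fix.zip",
    "https://github.com/user-attachments/files/7654321/driver-fix.zip",
    # Lookalike: "github.com" here is userinfo, the real host is evil.example.
    "https://github.com@evil.example/example-org/example-repo/files/1/x.zip",
]

if __name__ == "__main__":
    trusted = {"example-org/example-repo"}
    for sample in SAMPLES:
        info = classify(sample)
        print(f"{download_policy(sample, trusted):6} {info['kind']:18} {sample}")
```

The policy deliberately returns `review` rather than `deny` for comment attachments: the path is legitimate GitHub, so the fix is to surface "this was uploaded by an arbitrary commenter, not published by the project" to whoever is about to trust it, which is exactly the distinction the browser's domain-based trust UI cannot show.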

Posted on April 22, 2024 at 11:26 AM • 12 Comments

Comments

Q April 22, 2024 12:06 PM

“These URLs would also appear to belong to the company’s repositories, making them far more trustworthy.”

I think the last word there should be “trusted”.

It doesn’t make them more worthy of trust, it just fools people into trusting it.

An April 22, 2024 1:07 PM

The real highlight is

Instead of generating the URL after a comment is posted, GitHub automatically generates the download link after you add the file to an unsaved comment, as shown below. This allows threat actors to attach their malware to any repository without them knowing.

Even if you decide not to post the comment or delete it after it is posted, the files are not deleted from GitHub’s CDN, and the download URLs continue to work forever.

Erdem Memisyazici April 22, 2024 1:12 PM

Not a huge deal in my opinion. If you are on GitHub you are probably there to look at source code. If it’s not linked by the project chances are it’s not part of the project and should not be trusted. The target audience appears to be what we used to call script-kiddies who seem to be looking for cheating software online.

Who in their right mind would install something from a source code repository that isn’t produced by the source code?

When I was looking for cracks, trainers, and patches I simply went to virus riddled warez sites that had everything you needed but I knew more than half of those had M0sucker or something of the sort bundled in you first had to win-dasm decompile out and recompile before using. Luckily being always-online wasn’t a thing and your anti-virus could also clean some of those .exe(s) automatically for you. If that didn’t work you used oly debugger, found where it was asking for the key (probably latest version of WinRAR) and changed the je bit to a jne, save the exe and enter whatever key to use your “app”.

If the .exe was obfuscated then it was too much of a headache and you just searched forums for a working key next time you went online which mostly someone would always post. There also were dev keys for registration which was something like 0000-0000-0000-0000 you always tried before looking.

My point is besides going to gamecopyworld you were probably going to download a virus alongside your exe patcher. I didn’t think that would change with time because much like Sony rootkitting your computer some people have a monetary interest in getting you or others to pay for stuff you could otherwise get for free.

You always have to assume anything you send to the client side is subject to modification. Unless you are using sanctioned hardware and space by a tournament host and go through full body scans before playing your online game is probably going to be full of cheaters who trained some sort of ML network to play the game so that they can set perfect scores. That’s not as fun as wallhacking used to be (now it’s an in-game feature for most fps) but I’ve seen people do it.

I digress.

Don’t just install stuff blindly from GitHub without compiling it from source and this is not an issue.

Chris R April 22, 2024 2:00 PM

I think any malware mitigation that relies on demanding that users “don’t just install stuff” whatever the qualifications you want to put around it is doomed to failure.

The point is, some URLs are trusted more than others, and in fact the web browser UI goes to a fair amount of effort to delegate that trust to the operators of the domain and encourages users to rely on it.

lurker April 22, 2024 3:13 PM

When did GitHub start making URLs visible in comments for uploaded files before the actual upload? ‘Bout the same time as MS moved in? Just asking …

vas pup April 22, 2024 5:08 PM

Daniel Dennett: ‘Why civilisation is more fragile than we realized’
https://www.bbc.com/future/article/20240422-philosopher-daniel-dennett-artificial-intelligence-consciousness-counterfeit-people

“While complete facsimiles of the human mind may not be imminent, the way we’re using AI to impersonate human beings has, he told me, already put us on a dangerous trajectory. He called such AIs “counterfeit people”, and told me that rolling out such entities en masse constituted “mischief of the worst sort”: a form of “social vandalism” that should be addressed by law. Why? Because, if convincing digital representations of humans can be created at whim, the entire business of collectively assessing other people’s claims, experiences and actions is put at risk – not to mention essential social infrastructure such as contracts, obligations and consequences.

Hence the need for legal prohibitions, a case he made at length in a May 2023 article for The Atlantic. “It won’t be perfect,” he told me, “but it will help if we can make it against the law to make counterfeit people. We can have stiff penalties for counterfeiting people, same as we do for counterfeit money… we should make it a mark of shame, not pride, when you make your AI more human.”

in principle, there is nothing preventing the algorithms of artificial intelligence from approaching or exceeding our own capacities; or from humans augmenting and re-engineering their minds through artificial means. Indeed, some of Dennett’s most important early work entailed defending computation’s power and potentials against those who, like the philosopher John Searle, claimed that mere calculation could never give rise to phenomena like consciousness. For Dennett, there was nothing “mere” about calculation or algorithmic processes: it was only ever a question of scale and complexity.

In this sense, the achievements of modern AIs – from their linguistic prowess and mastery of games like chess and Go to their ability to pass legal and medical examinations – are an ongoing vindication of Dennett’s insistence that human-level competence can arise from wholly uncomprehending processes (not to mention that, in our case, it did).

It’s dangerous to obsess over whether AI will achieve “general intelligence”, with all the cognitive flexibility of a human being, let alone something greater. Long before anything like this happens, he noted, we will need to deal with the emergence of “extremely manipulative” autonomous agents – and these will pose a far greater threat than hypothetical super intelligences (“forget about that!”). Why? Because, much as social media has proved an evolutionary hothouse for content able to exploit human vulnerabilities, the same dynamics favor both AI-generated content and AIs able to deploy an enticing combination of persuasion, seduction, shock and flattery.

From flawlessly glamorous artificial influencers to deepfake pornography, from endlessly empathetic companions to romantic scams, human loves and longings are a fertile field for the refinement of manipulation. We may not (yet) be brains in vats. But what we see, believe, belong to and do is increasingly interwoven with countless information systems; and many of these are more adept at delivering persuasion and plausibility than truth.

AIs are likely to “evolve to get themselves reproduced. And the ones that reproduce the best will be the ones that are the cleverest manipulators of us human interlocutors. The boring ones we will cast aside, and the ones that hold our attention we will spread. All this will happen without any intention at all. It will be natural selection of software.”

In evolutionary terms, our minds aren’t devices fine-tuned for differentiating truth from lies. We are partial, passionate, tribal creatures: social animals linked by bonds of love and loyalty that both define our humanity and make us painfully vulnerable.

“is your thinking to be determined by the truth about what’s out there. You want to be compelled by the good evidence there is out there for how the world is. But you also want to have the elbow room to reconsider, and reconsider, and reconsider further: your prospects, your projects, your goals. You want to be a higher order, intentional system that reflects upon means and ends and goals.”

The “freedom” to act on the basis of manipulatively inaccurate information is no freedom at all. By contrast, actions determined by “the good evidence that is out there” are emancipatory: open to the complexities of actuality rather than snared by untruths.”

Who? April 23, 2024 12:13 PM

@ Erdem Memisyazici

Not a huge deal in my opinion. If you are on GitHub you are probably there to look at source code. If it’s not linked by the project chances are it’s not part of the project and should not be trusted. The target audience appears to be what we used to call script-kiddies who seem to be looking for cheating software online.

Not exactly, lots of projects on GitHub have a “Files” tab where bootable ISO images can be downloaded, and this one is the way these images are downloaded from the project’s main web page.

Who? April 23, 2024 12:18 PM

@ Erdem Memisyazici

Who in their right mind would install something from a source code repository that isn’t produced by the source code?

This is called “social engineering” and it works. Just publish a link on a forum that looks genuine and people will download from it, not to say in case official files have been available for download directly from GitHub/GitLab for years.

vas pup April 23, 2024 4:36 PM

https://cyberguy.com/future-tech/how-this-new-invisibility-technology-can-literally-make-you-disappear/

“What would you think if I told you that there is technology available today that could make you vanish? It’s true. Thanks to optical engineering, it’s possible to become invisible to the naked eye. This isn’t just a fantasy—it’s a reality crafted by the UK’s Invisibility Shield Co., which has introduced the impressive Invisibility Shield. This 6-foot-tall shield offers a new dimension to the concept of invisibility.

At the heart of this technology lies a precision-engineered lens array. Picture this: you’re standing behind the shield, and instead of being a conspicuous figure, the light reflecting off you is cleverly redirected.

This array, composed of vertically oriented lenses, scatters the light horizontally, causing your image to dissolve into the backdrop. It’s like a magic trick, where the magician vanishes not with a puff of smoke but with a whisper of light.

The lenses are not just any lenses; they are elongated, convex lenses meticulously embossed onto a polymer sheet. These aren’t your run-of-the-mill magnifying glasses; they are the result of rigorous testing and fine-tuning—shaped to perfection to manipulate light just right.

But what about the backdrop? Ah, that’s where the magic amplifies. The background light, brighter and broader, passes through the shield and gets refracted towards the observer. From their point of view, it’s as if the background itself has stretched out, masking your presence.

But let’s not forget, these shields are not armor. They won’t protect you from harm but will make you virtually invisible. And they’re built to last, with materials that withstand the elements and the test of time.”

https://www.youtube.com/watch?v=gCC5RdA19bA

My nickel:
Traffic cop is hiding to get violators?
Banking security guy is invisible to potential robbers?
Confidential informer, whistleblower you name it testified in court or/and Congress hearings?
Some Secret Service protected person is hiding behind?

starfall April 24, 2024 6:38 PM

Who in their right mind would install something from a source code repository that isn’t produced by the source code?

Well… Red Hat, Debian, Kali, openSUSE, and Arch all pulled down the xz builds, so at least them.
